www.group-ib.com Open in urlscan Pro
3.72.181.255 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.group-ib.com/blog/api-security-best-practices/
Submission: On May 30 via api (May 30th 2023, 9:58:11 am UTC) from US — Scanned from DE

Summary HTTP 135 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 33 IPs in 2 countries across 26 domains to perform 135 HTTP transactions. The main IP is 3.72.181.255, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.group-ib.com. The Cisco Umbrella rank of the primary domain is 872749.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 28th 2022. Valid for: a year.

This is the only time www.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	3.72.181.255 3.72.181.255	16509 (AMAZON-02) (AMAZON-02)
2	3.72.191.153 3.72.191.153	16509 (AMAZON-02) (AMAZON-02)
33	2600:9000:225... 2600:9000:225b:1800:9:7af6:1700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	172.65.255.172 172.65.255.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
7	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.219.229 172.65.219.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
5 13	2a02:6b8::1:119 2a02:6b8::1:119	() ()
1	2606:4700::68... 2606:4700::6811:d5f3	() ()
6 6	2620:1ec:21::14 2620:1ec:21::14	() ()
2	13.107.42.14 13.107.42.14	() ()
8	2.16.187.155 2.16.187.155	() ()
1	146.75.120.157 146.75.120.157	() ()
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	() ()
1	13.225.78.65 13.225.78.65	() ()
1	2606:4700::68... 2606:4700::6810:a852	() ()
1	2a06:98c1:320... 2a06:98c1:3200::90:0	() ()
3	2a00:1450:400... 2a00:1450:400c:c0d::9b	() ()
3	107.21.40.231 107.21.40.231	() ()
3	2a00:1450:400... 2a00:1450:4001:808::2004	() ()
4	2a00:1450:400... 2a00:1450:4001:829::2003	() ()
1	2a02:26f0:480... 2a02:26f0:480:23::1726:62a7	() ()
1	104.244.42.5 104.244.42.5	() ()
1	104.244.42.131 104.244.42.131	() ()
1	2001:4860:480... 2001:4860:4802:32::36	() ()
4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	() ()
1	2a00:1450:400... 2a00:1450:4001:80b::2002	() ()
7	172.65.240.166 172.65.240.166	() ()
135	33

20 3.72.181.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

www.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.72.191.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-191-153.eu-central-1.compute.amazonaws.com

fhp-aws-antibot-back.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2600:9000:225b:1800:9:7af6:1700:93a1 (United States)

ASN16509 (AMAZON-02, US)

website.cdn.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:6b8::1:119 (None, ) 5 redirects

ASN- ()

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d5f3 (None, )

ASN- ()

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (None, ) 6 redirects

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.107.42.14 (None, )

ASN- ()

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.187.155 (None, )

ASN- ()

j.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (None, )

ASN- ()

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (None, )

ASN- ()

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.65 (None, )

ASN- ()

cdn.neverbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (None, )

ASN- ()

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3200::90:0 (None, )

ASN- ()

api-eu1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0d::9b (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.21.40.231 (None, )

ASN- ()

api.neverbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2004 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (None, )

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:23::1726:62a7 (None, )

ASN- ()

ipv6.6sc.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (None, )

ASN- ()

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (None, )

ASN- ()

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (None, )

ASN- ()

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.65.240.166 (None, )

ASN- ()

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	group-ib.com www.group-ib.com — Cisco Umbrella Rank: 872749 fhp-aws-antibot-back.group-ib.com website.cdn.group-ib.com	1 MB
10	yandex.com 3 redirects mc.yandex.com	3 KB
9	6sc.co j.6sc.co c.6sc.co ipv6.6sc.co b.6sc.co	14 KB
8	linkedin.com 6 redirects px.ads.linkedin.com px4.ads.linkedin.com www.linkedin.com	5 KB
8	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 30748 forms.hsforms.com	35 KB
7	hubspot.com track-eu1.hubspot.com	6 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	367 KB
4	facebook.com www.facebook.com	291 B
4	google.de www.google.de	642 B
4	google.com www.google.com region1.analytics.google.com	834 B
4	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
4	neverbounce.com cdn.neverbounce.com api.neverbounce.com	30 KB
3	facebook.net connect.facebook.net	222 KB
3	yandex.ru 2 redirects mc.yandex.ru	74 KB
2	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 28595 forms-eu1.hscollectedforms.net	26 KB
1	twitter.com analytics.twitter.com	395 B
1	t.co t.co	376 B
1	hubapi.com api-eu1.hubapi.com	1 KB
1	zoominfo.com ws.zoominfo.com	2 KB
1	ads-twitter.com static.ads-twitter.com	15 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 17431	21 KB
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 17181	64 KB
1	hsadspixel.net js-eu1.hsadspixel.net — Cisco Umbrella Rank: 28894	3 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 16053	1 KB
1	hsforms.net js-eu1.hsforms.net — Cisco Umbrella Rank: 67273	165 KB
135	26

	Domain	Requested by
33	website.cdn.group-ib.com	www.group-ib.com website.cdn.group-ib.com
20	www.group-ib.com	fhp-aws-antibot-back.group-ib.com www.group-ib.com website.cdn.group-ib.com
10	mc.yandex.com	3 redirects www.group-ib.com fhp-aws-antibot-back.group-ib.com
7	track-eu1.hubspot.com
7	forms-eu1.hsforms.com	fhp-aws-antibot-back.group-ib.com www.group-ib.com js-eu1.hscollectedforms.net
6	b.6sc.co	www.group-ib.com
5	px.ads.linkedin.com	5 redirects
5	www.google-analytics.com	www.googletagmanager.com fhp-aws-antibot-back.group-ib.com www.group-ib.com
5	www.googletagmanager.com	www.group-ib.com www.googletagmanager.com js-eu1.hsadspixel.net
4	www.facebook.com	www.group-ib.com
4	www.google.de	www.group-ib.com
3	www.google.com	www.group-ib.com
3	api.neverbounce.com	cdn.neverbounce.com
3	stats.g.doubleclick.net	fhp-aws-antibot-back.group-ib.com
3	connect.facebook.net	www.group-ib.com connect.facebook.net
3	mc.yandex.ru	2 redirects website.cdn.group-ib.com
2	px4.ads.linkedin.com	www.group-ib.com
2	fhp-aws-antibot-back.group-ib.com	www.group-ib.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	fhp-aws-antibot-back.group-ib.com
1	analytics.twitter.com	www.group-ib.com
1	t.co	www.group-ib.com
1	ipv6.6sc.co	fhp-aws-antibot-back.group-ib.com
1	c.6sc.co	fhp-aws-antibot-back.group-ib.com
1	api-eu1.hubapi.com	fhp-aws-antibot-back.group-ib.com
1	forms-eu1.hscollectedforms.net	fhp-aws-antibot-back.group-ib.com
1	www.linkedin.com	1 redirects
1	ws.zoominfo.com	www.group-ib.com
1	cdn.neverbounce.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	j.6sc.co	www.group-ib.com
1	forms.hsforms.com	www.group-ib.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.hsadspixel.net	js-eu1.hs-scripts.com
1	js-eu1.hs-scripts.com	www.group-ib.com
1	js-eu1.hsforms.net	www.group-ib.com
135	38

This site contains links to these domains. Also see Links.

Domain
trebuchet.gibthf.com
github.com
sso.group-ib.com
twitter.com
www.linkedin.com
t.me
blog.cloudflare.com
www.gartner.com
www.imperva.com
attack.mitre.org
cheatsheetseries.owasp.org
owasp.org
snyk.io
instagram.com
www.facebook.com
medium.com

Subject Issuer	Validity	Valid
www.group-ib.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-06-28`	a year	crt.sh
*.group-ib.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-29` - `2023-07-04`	a year	crt.sh
website.cdn.group-ib.com Amazon RSA 2048 M01	`2023-02-22` - `2023-09-29`	7 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-03-17` - `2023-08-27`	5 months	crt.sh
6sc.co R3	`2023-05-25` - `2023-08-23`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-08` - `2023-06-06`	3 months	crt.sh
neverbounce.com Amazon RSA 2048 M02	`2023-02-13` - `2024-03-12`	a year	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2023-04-04` - `2024-04-03`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.group-ib.com/blog/api-security-best-practices/
Frame ID: 02F5148C41AE38A6AAD34B446E2D0EF5
Requests: 140 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 7BD0DB5FA212E3ED240341FC768B17DB
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E1AB7E8BA922BD9DE13DB967540E8583
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bridging the gap: How to leverage API security best practices to combat top 3 vulnerability types | Group-IB Blog

Page URL History Show full URLs

https://www.group-ib.com/blog/api-security-best-practices/ Page URL
https://www.group-ib.com/blog/api-security-best-practices/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

135
Requests

96 %
HTTPS

48 %
IPv6

26
Domains

38
Subdomains

33
IPs

2
Countries

2290 kB
Transfer

5711 kB
Size

49
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://trebuchet.gibthf.com/?tab=email&__hstc=84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1&__hssc=84897990.1.1685440686111&__hsfp=1944070336
Title: Email Security Assessment

Search URL Search Domain Scan URL

URL: https://trebuchet.gibthf.com/?tab=network&__hstc=84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1&__hssc=84897990.1.1685440686111&__hsfp=1944070336
Title: Network Protection Assessment

Search URL Search Domain Scan URL

URL: https://github.com/Group-IB/cloud_sherlock
Title: Cloud Recon Tool

Search URL Search Domain Scan URL

URL: https://sso.group-ib.com/
Title: Sign in

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&utm_source=share2
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&title=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&utm_source=share2
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://t.me/share/url?url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&text=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&utm_source=share2
Title: Telegram

Search URL Search Domain Scan URL

URL: https://blog.cloudflare.com/landscape-of-api-traffic/
Title: Cloudflare

Search URL Search Domain Scan URL

URL: https://www.gartner.com/en/webinars/4002323/api-security-protect-your-apis-from-attacks-and-data-breaches#:~:text=Gartner%20predicts%20that%20by%202022,a%20wide%20range%20of%20organizations
Title: Gartner

Search URL Search Domain Scan URL

URL: https://www.imperva.com/resources/reports/Imperva-Marsh-McLennan-Report-2022.pdf
Title: Marsh McLennan and Imperva

Search URL Search Domain Scan URL

URL: https://github.com/OWASP/API-Security/tree/master/2023/en/src
Title: Open Web Application Security Project

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1110/
Title: brute forcing

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1110/003/
Title: password spraying

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/techniques/T1110/004/
Title: credential stuffing

Search URL Search Domain Scan URL

URL: https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html
Title: authentication cheat sheet

Search URL Search Domain Scan URL

URL: https://github.com/OWASP/API-Security/blob/master/2019/en/src/0xa1-broken-object-level-authorization.md
Title: object

Search URL Search Domain Scan URL

URL: https://github.com/OWASP/API-Security/blob/master/2019/en/src/0xa5-broken-function-level-authorization.md
Title: function

Search URL Search Domain Scan URL

URL: https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/10-Business_Logic_Testing/00-Introduction_to_Business_Logic
Title: OWASP Testing Guide Business Logic

Search URL Search Domain Scan URL

URL: https://snyk.io/learn/secure-sdlc/
Title: Software Security Development Life Cycle

Search URL Search Domain Scan URL

URL: https://twitter.com/GroupIB

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/organization/1382013/

Search URL Search Domain Scan URL

URL: https://instagram.com/groupibhq

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groupibHQ

Search URL Search Domain Scan URL

URL: https://t.me/Group_IB

Search URL Search Domain Scan URL

URL: https://medium.com/@groupibgib

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.group-ib.com/blog/api-security-best-practices/ Page URL
https://www.group-ib.com/blog/api-security-best-practices/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4443393&time=1685440684505&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4443393&time=1685440684505&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&cookiesTest=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4443393&time=1685440684505&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&cookiesTest=true&e_ipv6=AQJ5EYt9C2s_mgAAAYhsF-T4J4e_saZ_7K2URWisuyq4e1GPaJqNjN33rGGMQy0-eQG2l0BRf8Xtkin0qlpD1F4Xa2pm1Q

Request Chain 78

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4496601%252C4443393%26time%3D1685440684535%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fblog%252Fapi-security-best-practices%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJlAGiVbu_eJQAAAYhsF-Yo-tquuvMRqL77j7dVr3GjgDsKDN7HwdqkbK_dEmQSQVqFQXz3d1bVL28_7OsLBYI09AHenw

Request Chain 87

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10019.scT8iraSQccebNXav3fdJnaxJMJzupHwfV22C0SA11c3R8dh1bvLNj8qvhS5fBG2.BtKZWZbpMKxcU6UDol-_TLhP2fQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10019.dVsHQOKi16CgjM7b-04h7JexqhLPh09MIlvhg5ZwL_fxKBFc40Vo06zQlj9j9S43a4vyzpi6OCV6WZ6eqp60utE0S5sevGhuB0DgO97uVT8%2C.fM2CSetBEcTBA7b1RJiVf1WnuPE%2C

Request Chain 113

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A651%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A716715038822%3Ahid%3A720523766%3Az%3A0%3Ai%3A20230530095805%3Aet%3A1685440685%3Ac%3A1%3Arn%3A395251845%3Arqn%3A1%3Au%3A1685440685847244095%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C30%2C9%2C1%2C0%2C%2C699%2C107%2C%2C%2C%2C815%3Aco%3A0%3Acpf%3A1%3Ans%3A1685440683567%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685440686%3At%3ABridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A651%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A716715038822%3Ahid%3A720523766%3Az%3A0%3Ai%3A20230530095805%3Aet%3A1685440685%3Ac%3A1%3Arn%3A395251845%3Arqn%3A1%3Au%3A1685440685847244095%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C30%2C9%2C1%2C0%2C%2C699%2C107%2C%2C%2C%2C815%3Aco%3A0%3Acpf%3A1%3Ans%3A1685440683567%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685440686%3At%3ABridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 114

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10019.WvUND37lCmktffl10kH6ZmemcyenrpXJlA_-7GbMzJ35N1RGxJkzbS9VG_hPRl5F.lUrr7yRCznHVPgn8LOxaKVCRtW8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10019.fwvlD58hNfhta1u3CU1-fJYe44bxyybL8Ok_deQZLgRUOaqkGzinsHlDhmug4g0zjkLLzrzfEnipVAjZDZ6QBn_IZX8uVEJOUh1BM0MNVc8%2C.5Sk_Akk1z4vyiBCw7v3TDuKKluw%2C

135 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 / Show response
www.group-ib.com/blog/api-security-best-practices/ 7 KB
7 KB 88ms
8ms Document
text/html 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/blog/api-security-best-practices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 641a4b99adf6ec3e67a303f16f4fe9b2caac7cc87bbe539e09d630be29214ffe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-type: text/html
date: Tue, 30 May 2023 09:58:01 GMT

GET
H2 200 bt-autoinject.js Show response
fhp-aws-antibot-back.group-ib.com/d/ 347 KB
145 KB 153ms
47ms Script
text/javascript 3.72.191.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.191.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-191-153.eu-central-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8963e927914bfbfe29e6f6b59578b01a28b8a91ef74c138f66927408fa67820b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:02 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 2
server: istio-envoy
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce617f3004d6588dfcee166d50f43c41a8f8732205b2d8e9ddf55e9851177d12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 185a823544af79a6a21e702268c4b09c171b2fc6670653dffac2fcb96e7aa396

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Show response
www.group-ib.com/api/fl/ 205 B
693 B 17ms
17ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 723de2ff7ec62357a8866addfd0a81a94edc5e06cee2ea2cb3c6a6950b1ce7d1

Request headers

Referer: https://www.group-ib.com/blog/api-security-best-practices/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-cfids: -

Response headers

date: Tue, 30 May 2023 09:58:02 GMT
content-encoding: gzip
server: istio-envoy
etag: W/"l1d+eL0Wor+qtLu1gBSSUj5riVfMkvQZvFwaguVFRm228QqlMyQCVTiBoLKGiLMmE9qZgzdGWoyi+pnimqq5h3Ffy7rzmAHkCJSe53QpvtSMNrR/CHN8Kv18we+j3JFKjymLTuCqYs/Zc6pfHeUj9VkF"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
x-envoy-upstream-service-time: 3

POST
H2 200 fl
www.group-ib.com/api/ 665 B
834 B 28ms
24ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl?u=69270af0-fe18-11ed-b99a-d752889094b4&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=l1d%2BeL0Wor%2BqtLu1gBSSUj5riVfMkvQZvFwaguVFRm228QqlMyQCVTiBoLKGiLMmE9qZgzdGWoyi%2Bpnimqq5h3Ffy7rzmAHkCJSe53QpvtSMNrR%2FCHN8Kv18we%2Bj3JFKjymLTuCqYs%2FZc6pfHeUj9VkF
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.group-ib.com/blog/api-security-best-practices/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 May 2023 09:58:03 GMT
content-encoding: gzip
server: istio-envoy
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3

POST
H2 200 fl
www.group-ib.com/api/ 665 B
698 B 13ms
12ms Ping
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl?u=69270af0-fe18-11ed-b99a-d752889094b4&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=nfd9CbFbC8yZu%2BxxgYjSpdJfSxWXu8%2BLDl6aSjhBC9iWi1G%2FA%2FSkkaj2u8hh2ojthgT%2BIhrcjDMAs15XYu%2BUiad7niuFzOYjHGM0EueqDlNC%2BV5%2F7wVjliVTWOr8huobVsZZljATjSWpSZ0qWFiXCRDxD99M5CFicbyi
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://www.group-ib.com/blog/api-security-best-practices/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 May 2023 09:58:03 GMT
content-encoding: gzip
server: istio-envoy
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

GET
H2 200 Primary Request / Show response
www.group-ib.com/blog/api-security-best-practices/ 89 KB
21 KB 31ms
30ms Document
text/html 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/blog/api-security-best-practices/

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

b750d3ae64e7f11817434daaa6d4688dd028b01d7b3565f35a79db71fd2fbe57

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/api-security-best-practices/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: https://www.group-ib.com
cache-control: private, max-age=3600
content-encoding: gzip
content-length: 21045
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Tue, 30 May 2023 09:58:03 GMT
etag: "519e-5fce63ac3fe8f"
last-modified: Tue, 30 May 2023 09:57:22 GMT
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: X-Forwarded-Proto,Accept-Encoding,Cookie
x-content-type-options: nosniff
x-frame-options: sameorigin
x-xss-protection: 1; mode=block

GET
H2 200 bt-autoinject.js Show response
fhp-aws-antibot-back.group-ib.com/d/ 347 KB
145 KB 56ms
53ms Script
text/javascript 3.72.191.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.191.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-191-153.eu-central-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8963e927914bfbfe29e6f6b59578b01a28b8a91ef74c138f66927408fa67820b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:03 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 0
server: istio-envoy
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8

GET
H2 200 lazyload.min.js Show response
www.group-ib.com/wp-content/plugins/w3-total-cache/pub/js/ 6 KB
2 KB 50ms
45ms Script
application/x-javascript 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/blog/api-security-best-practices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 2356
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 May 2023 12:06:50 GMT
server: nginx
etag: "1883-5fbce6804f8ae-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 swiper-bundle.min.js Show response
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/js/ 140 KB
39 KB 242ms
114ms Script
application/x-javascript 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/js/swiper-bundle.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 39504
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Sep 2022 07:41:14 GMT
server: nginx
etag: "22ede-5e7e9344df9f2-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: kbwovN5XslVW93iNouYJUd6p6Yzq2fjVIr1HNQhE_XLym6hrzlwkQw==
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 classic-themes.min.css
website.cdn.group-ib.com/wp-includes/css/ 217 B
1007 B 231ms
102ms Stylesheet
text/css 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-includes/css/classic-themes.min.css

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 189
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Nov 2022 11:58:50 GMT
server: nginx
etag: "d9-5ed309cf15c82-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: 0wiPFRzN-2J7YwRvQtgxxJZBlLAhzFOb6nEH135tZUesEO0PfSp_Fg==
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 dashicons.min.css
website.cdn.group-ib.com/wp-includes/css/ 58 KB
36 KB 248ms
120ms Stylesheet
text/css 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-includes/css/dashicons.min.css

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 35730
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 10 Jun 2022 07:03:36 GMT
server: nginx
etag: "e688-5e112897ec200-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: 9AjsbyoGC5M10bPH1DlM2u0xPSHZVCvZbMHekPY1bqhx8jtYLcBsMA==
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 frontend.min.css
www.group-ib.com/wp-content/plugins/post-views-counter/css/ 215 B
310 B 48ms
44ms Stylesheet
text/css 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/plugins/post-views-counter/css/frontend.min.css

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/blog/api-security-best-practices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 160
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Apr 2023 07:26:40 GMT
server: nginx
etag: "d7-5fa38293ec798-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 jquery.min.js Show response
website.cdn.group-ib.com/wp-includes/js/jquery/ 88 KB
31 KB 253ms
125ms Script
application/x-javascript 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-includes/js/jquery/jquery.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 30995
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 11 Nov 2022 11:58:50 GMT
server: nginx
etag: "15e54-5ed309cf21802-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: _k6XVM3uXi3H1nM62RPeO8acw8o63LP_42m4w2iSnduYWBtwjWfOMw==
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 single-blog-post.css
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/ 267 KB
39 KB 217ms
89ms Stylesheet
text/css 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

49d4fa2983f6350de2f63d55cc153050def7d66f9a92a61bccbe0de881512003

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 38645
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 May 2023 09:58:00 GMT
server: nginx
etag: "42a2a-5fce63d118b71-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: _9oMOh2ZkRBZFeAOsAte1bByC82OOnGbUAcPkgILGsu9s1lY5mBaOA==
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 v2.js Show response
js-eu1.hsforms.net/forms/ 526 KB
165 KB 97ms
37ms Script
application/javascript 172.65.255.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsforms.net/forms/v2.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6068122af5aaf3871c283132bb19ddafc391f4cb78126882ca18a7c5f4c03611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-encoding: br
age: 514
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3243/bundles/project-v2.js&cfRay=7cf6114016f46922-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"a5301b6f08ed64649a3390f949aa4175"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3243/bundles/project-v2.js
date: Tue, 30 May 2023 09:58:03 GMT
x-amz-version-id: l7bHRIBQ6TE8MnbN5jsE1ccMSwu0_dqN
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P2
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 268ca2f3-e243-48bf-8b1e-a381975567c5
last-modified: Tue, 23 May 2023 10:19:29 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM2kZGjNc%2F0umjMoX00hu4qlnuE7xmCiQcZadv7mpcS%2BWrPkPFU8d10aMNjDDZwUSmPWUW026RL05U9ruKe5K%2F8H81WADOa75A7UhJgPWIFOI9KlhNOT8MW0lkXw3ztO5Lcf%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5b45bc9bc5-nqkr5
cf-ray: 7cf61dd0fb0e5c92-FRA
x-amz-cf-id: uqOr07paaIoJjFgiVKRTZmk5dmGndZR8NK27rGjy0Knk8s-gYylqWA==

GET
H2 200 main.js Show response
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/js/ 210 KB
46 KB 38ms
37ms Script
application/x-javascript 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/js/main.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6ef1f43c331150d23e01b41927542d8dc5e0d363422a2909e5343bcd6f2082e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 45725
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 05 May 2023 14:00:53 GMT
server: nginx
etag: "34848-5faf2b7a83925-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: vUpOeBfKkjALdZlLFBf6P9suh4xRHo4WmCLHSaPRojIQj7SPqOV3xg==
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 fancybox.umd.js Show response
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/libs/fancybox/ 103 KB
30 KB 236ms
109ms Script
application/x-javascript 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/libs/fancybox/fancybox.umd.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

942e02acf640c0308f65e057a8afaed63dfaf995034cda9cfc75532a1009ec72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 29634
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 05 Sep 2022 07:24:28 GMT
server: nginx
etag: "19ca6-5e7e8f85cb376-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: IYPh7HnOOrgWbvepgcIy4dBxPmL2xB516qhXqT_uqZUCwF9V9e4ByQ==
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 frontend.min.js Show response
www.group-ib.com/wp-content/plugins/post-views-counter/js/ 1 KB
691 B 49ms
45ms Script
application/x-javascript 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-content/plugins/post-views-counter/js/frontend.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

12475fdd5d48640d7ad60670a2342f02cf560b8cd977cf8e7e624e6a22576f82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/blog/api-security-best-practices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 628
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 26 Apr 2023 07:26:40 GMT
server: nginx
etag: "484-5fa38293ec798-gzip"
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: sameorigin
content-type: application/x-javascript
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:03 GMT

GET
H2 200 25755956.js Show response
js-eu1.hs-scripts.com/ 2 KB
1 KB 53ms
31ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-scripts.com/25755956.js
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cba6543c7061f9dc95e6f9b1e2eb96cdbb555cfbf059de21bf9dc463afe234f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 1a9a0142-2af0-4b35-8931-31507aeafc6d
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 279e8092-29d1-4438-a8ed-e91bd6afd615
last-modified: Tue, 30 May 2023 09:52:13 GMT
server: cloudflare
x-trace: 2B4D142E383DD703B5B37B473CFAB58BDA87E114F4000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.group-ib.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6568b767df-7qmjc
cf-ray: 7cf61dd2f9ac5c74-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 118 KB
46 KB 47ms
19ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-25492706-2

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

808606f159b3d4b670c89affc995cc23342154d4350dfb2cf1014952cdee7662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46864
x-xss-protection: 0
last-modified: Tue, 30 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 May 2023 09:58:04 GMT

GET
DATA 200
OK truncated
/ 487 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6e8e462ee6646b1101c16693d8becdfe06c50c68f5d22350e211e157067c11da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9349b5f4fe9aed919fc635af8fef55eb49baaa591f5686edd82f993fb0484167

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Show response
www.group-ib.com/api/fl/ 217 B
627 B 18ms
18ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: d26d890ca5e32d97c4e51c70567c618bf315e27d2ec2850052169bfd14007c16

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: 5D5A7S1EXopEKVThtgV0kDg/7K5S1QHqsneHvFy2WlFaBZYhxLAuxMD1/pp9E2z2b26aAv6SAbEHtYEJWILB2u+cAjzIOTE1mzZ5h8h3ChmX8ErKGpN8moipVE4gPsgk+yUVGto0PwFl68KPfe8XK4sIqRt3PUFkrLDlW8ETz9ksYsS65w+xsrPw6eQrXiT9xoV4mA6mvNV5GI1F2SlCm3HylYFxq0pXNOMdpD9mx+R9dlCJhgipuQuJeFYReg==
Referer: https://www.group-ib.com/blog/api-security-best-practices/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: DIeN8d4da0f9c7fa9beadf4d7693f829aa00940a
x-cfids: nfd9CbFbC8yZu+xxgYjSpdJfSxWXu8+LDl6aSjhBC9iWi1G/A/Skkaj2u8hh2ojthgT+IhrcjDMAs15XYu+Uiad7niuFzOYjHGM0EueqDlNC+V5/7wVjliVTWOr8huobVsZZljATjSWpSZ0qWFiXCRDxD99M5CFicbyi

Response headers

date: Tue, 30 May 2023 09:58:03 GMT
content-encoding: gzip
server: istio-envoy
etag: W/"WhmWFpLwwsskKzpHhQKYZCeuufyCBDSH6Wux5BF6zK3/0jQB2iAWbKZj26ajWHLARmGAJLlD/EEkEY3YB1eULgiOEN+FngoV93b8LvZGHJMUrsVLC2GzGcVb4LkR71+yDd7tLmmkmqlCTwkfzLeVXjsqsNupY+Om0sL9"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache
x-envoy-upstream-service-time: 1

GET
H2 200 G-font-Medium.otf
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/ 60 KB
35 KB 136ms
75ms Font
application/x-font-otf 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/G-font-Medium.otf

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1efe16c9efbadde5e242d88a315eca3906a55669fcd4882a904fbc723306a4e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
Origin: https://www.group-ib.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 35382
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "eed4-5e27d5c025780-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/x-font-otf
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: d2juBVcHYTjex-D-Lvyw2c-KVJb9yRRy0yEcWEy3xwzPQwzH26qieg==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 G-font-Regular.otf
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/ 47 KB
31 KB 98ms
37ms Font
application/x-font-otf 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/G-font-Regular.otf

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6cee0fb06339ba13e1f15d044e0e4904bbeeb7fbe4351e3f102b6d80b2465061

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
Origin: https://www.group-ib.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 30798
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "bbf8-5e27d5c025780-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/x-font-otf
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: mjeXzSl2DdVxDMG2OfuzXdzzzpXT5HycUpvgEe1uftvxEe_lnWj-gg==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 json Show response
forms-eu1.hsforms.com/embed/v3/form/25755956/044e7558-8073-478a-ad3c-5807dd76840f/ 9 KB
2 KB 62ms
42ms XHR
application/json 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hsforms.com/embed/v3/form/25755956/044e7558-8073-478a-ad3c-5807dd76840f/json?hs_static_app=forms-embed&hs_static_app_version=1.3243&X-HubSpot-Static-App-Info=forms-embed-1.3243

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4aebf09e541acbdec678608c672bc670484930f2a4aba43dc3bea8ab323a76bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-origin-hublet: eu1
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: ffa7a7a8-9cf3-4bf4-a4ca-4ce0e0fda70c
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3a912c58-b95f-4ff6-9d42-159901cc5e68
server: cloudflare
x-trace: 2B556F0430E2D88EACDA54D8F2F72F8C55E5A579CA000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.group-ib.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7cf61dd3995e2c5f-FRA
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-79bb87d888-p4pw9

GET
H2 200 cross.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 342 B
1 KB 29ms
28ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/cross.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dfb059f8aa219769088fd6c85d85aae789f1e72bfe3d314748f1f3ccfffffb1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 207
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "156-5e27d5c025780-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: 3g5Gu2TWIFJ-c1tifw_l2nPOnJzX1nYKsH2wOgUnwIw6Qke0icU0mw==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 json Show response
forms-eu1.hsforms.com/embed/v3/form/25755956/4dbceae1-75ae-423a-9c12-dee8f1ca3345/ 112 KB
29 KB 49ms
43ms XHR
application/json 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hsforms.com/embed/v3/form/25755956/4dbceae1-75ae-423a-9c12-dee8f1ca3345/json?hs_static_app=forms-embed&hs_static_app_version=1.3243&X-HubSpot-Static-App-Info=forms-embed-1.3243

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a8452daeb01fc562d4710059386b2073d549de6b356a957063a2e8198d0e96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-origin-hublet: eu1
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 8a44ad8a-c70d-48b0-99c9-5b876c26136d
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 20
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 38824ab0-8500-4bc5-ba74-01fbb61a5eff
server: cloudflare
x-trace: 2B7951E113811B423CAFD0DE80C5BD664C1FF81724000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.group-ib.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7cf61dd3b9892c5f-FRA
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-79bb87d888-m76dn

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 092345c20e95a1a5aa797aa64efdcad7f15737c4c360d09d44c7411329dec089

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f242ac36450a10fbf5934d1d554fc8d6d1796f1832b3c40915d41b65fab5846c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 dropdown_before.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 154 B
974 B 56ms
55ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/dropdown_before.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

574ab1a3d7b47add5d43a927f62c87698264f63572acd70b42081dd4a1dc5ced

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 150
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "9a-5e27d5c025780-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: X03AORTxMfuFEWZA6oKxyrp50rrjH3TNYVDPsyVV1S_K2CdN76mLxA==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 link-arrow.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/ 409 B
1 KB 69ms
68ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/link-arrow.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e91c5731358570d3e4cd684118251d243fc799059648b152403dcd775ceba632

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 267
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "199-5e27d5c025780-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: 9i1_m1IrxhoWPY1C2RCmlhxzpGckCwOhHE6i3mQA9h0jDyPzcSNtiQ==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 Close.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 227 B
338 B 45ms
44ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/Close.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

31d1c5bd0cd38e6e6b8eb944944df273044e826c7d3daacbe602caead3068c7a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 180
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 12:14:21 GMT
server: nginx
etag: "e3-5ee9aed8bc981-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 file_copy.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 668 B
438 B 45ms
44ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/file_copy.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f367bbc4429fc9fb0a93045245aef519a000ab275549645cddecb3f953e0a05f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 352
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 28 Nov 2022 13:01:55 GMT
server: nginx
etag: "29c-5ee8779d1a6cb-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 success.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 386 B
359 B 46ms
45ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/success.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

fa4859289ded4c674dcee233811758743116b1d7ce4e9f0c0e7e259391504c43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 254
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 11:07:05 GMT
server: nginx
etag: "182-5ee99fd05f106-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 list-dot.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 313 B
290 B 45ms
45ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/list-dot.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6b0775723ccade5ca3170fcc6a321c5b4768a5dc2b7c83b8b8b595407a2f0018

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 205
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Sep 2022 12:02:57 GMT
server: nginx
etag: "139-5e82935d2238c-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 G-font-Bold.otf
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/ 49 KB
32 KB 74ms
73ms Font
application/x-font-otf 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/fonts/G-font/G-font-Bold.otf

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

8d15a221986226efe4f742f390f46f9d5ae8b2008a6edd40e10ff121ef9cca9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
Origin: https://www.group-ib.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 af1bbc213b3a9ee2f125be77ca3609a0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 31918
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "c320-5e27d5c025780-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/x-font-otf
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: LH_LuGGDUYhEiaxLlOU2Z6kJtUc8Foenegt1AHSBMwBM93wORaxseQ==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 json Show response
forms-eu1.hsforms.com/embed/v3/form/25755956/55a22738-d5a5-43f9-9c1c-fa4c1a6eb349/ 8 KB
2 KB 40ms
40ms XHR
application/json 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hsforms.com/embed/v3/form/25755956/55a22738-d5a5-43f9-9c1c-fa4c1a6eb349/json?hs_static_app=forms-embed&hs_static_app_version=1.3243&X-HubSpot-Static-App-Info=forms-embed-1.3243

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b5c33193edba07b1e5a7c080034199c2f58ea32f9d880787c51c687d6bd304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-origin-hublet: eu1
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 5583ec9b-90a8-4449-852c-4b7cd422853b
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 8
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3b23c5f4-acb0-4261-a06e-ed266a87e384
server: cloudflare
x-trace: 2B4A37B92ACAD348D80DDEABB2D3DA8BEDCF9F8C0F000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.group-ib.com
x-evy-trace-virtual-host: all
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7cf61dd429fa2c5f-FRA
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-79bb87d888-p4pw9

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 270 KB
88 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PW7265

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cdc00b662dca5366eb3a59484a640ae532619e00126e537bd29f7e86f400be01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89620
x-xss-protection: 0
last-modified: Tue, 30 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 May 2023 09:58:04 GMT

GET
H2 200 insight.min.js Show response
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/js/ 8 KB
4 KB 31ms
31ms Script
application/x-javascript 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/js/insight.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 3085
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 15 Jul 2022 14:12:57 GMT
server: nginx
etag: "1e5a-5e3d89d6a8c40-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: 23QtXcBuL82aNzFYI11wA38S_jYTwt79Z7JViqmi1XxrJ1bjDVwhSg==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 fb.js Show response
js-eu1.hsadspixel.net/ 6 KB
3 KB 117ms
16ms Script
application/javascript 172.65.219.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hsadspixel.net/fb.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25755956.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 483ec486a8c947a82da6462397dbe386bebab6b2921f517c35e2b9cb53498c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
x-amz-version-id: UWz6VDoRBzzIc_vph_dNl5MbrO6eX90N
via: 1.1 cb4c4a25e4ef534686959996782c8476.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 359
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.377/bundles/pixels-release.js&cfRay=7cf615126afa3835-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 50cc8b57-f44e-4cb6-9699-d9c96764402b
last-modified: Mon, 22 May 2023 03:15:08 UTC
server: cloudflare
etag: W/"862fe95a42e7a27927f5d04635cd29ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5b45bc9bc5-nqkr5
cf-ray: 7cf61dd4ef26382a-FRA
x-amz-cf-id: qhKqgD5t-jeDwd06pomgrlvWv7AhUvK-FAw8XlXYOKbuHYKJxO8hOg==
x-hs-target-asset: adsscriptloaderstatic/static-1.377/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 68ms
43ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25755956.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687

Request headers

Referer: https://www.group-ib.com/
Origin: https://www.group-ib.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
x-amz-version-id: SGo7xq5b6d1kUu6c8SU5YR.mobmUICUY
via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-amz-cf-pop: FRA56-P2
age: 120
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.370/bundles/project.js&cfRay=7cf61ae6eba392ad-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5f683643-4067-4ef7-a44f-733549cbec4f
last-modified: Tue, 09 May 2023 08:44:18 UTC
server: cloudflare
etag: W/"d1b16df440198d59c993c4956b7fded6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5b45bc9bc5-p7df5
cf-ray: 7cf61dd47dc81c1c-FRA
x-amz-cf-id: TXQBtrekkwZ39dJAqt6mzimVxOU5tR72lvnkpLZdt3ZOvXcn4n2j-w==
x-hs-target-asset: collected-forms-embed-js/static-1.370/bundles/project.js

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/25755956/ 208 KB
64 KB 84ms
43ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/25755956/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25755956.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b505661e730cee3a577f971defb04a68e5882846ca94bca825f3c7c210849e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
x-amz-version-id: 2rLrOlFzlyHeenwmL2TxNVl4OQM9W_gC
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YM436JN29XHKPMP8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 282
x-envoy-upstream-service-time: 69
x-amz-id-2: zTMY2UW0ufpbikrhUGC1iDd84solVrPgv5BLWkyIOttDeHukNZcZ0NZWEp7qD/N6FLI3/MEHi5g=
x-evy-trace-listener: listener_https
x-request-id: 06470bd0-1c51-4e1c-99a9-ea7054612404
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 May 2023 07:10:06 GMT
server: cloudflare
etag: W/"7ea966efc161a8e41f870e6b8ea867a1"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://blog.group-ib.ru
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-699b4f88b6-9vfl9
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7cf61dd4af14920b-FRA
expires: Tue, 30 May 2023 09:58:22 GMT

GET
H2 200 25755956.js Show response
js-eu1.hs-analytics.net/analytics/1685440500000/ 65 KB
21 KB 112ms
73ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1685440500000/25755956.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/25755956.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6d8b2d60702ecc04d9622f888d014a3efc6742c7c109dcbff7efe0c2a9a01b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: SB8NV0QB6WD8NW80
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-envoy-upstream-service-time: 17
x-amz-id-2: hZsvY8qNETIQo8vg3anajxJCa0b2fJOveQtUuiLnCuLXUYqGEdcH/KckZ30tsv516ieHMtFB+w4=
x-evy-trace-listener: listener_https
x-request-id: a712c530-fdfb-4967-ba98-fd6b1e69eccb
x-evy-trace-route-configuration: listener_https/all
last-modified: Mon, 15 May 2023 07:55:55 GMT
server: cloudflare
etag: W/"a35ed32b033314a238d48c009a09fdc0"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-85d65fb994-5xgrz
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7cf61dd4ac3b364a-FRA
expires: Tue, 30 May 2023 10:03:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 43ms
10ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-25492706-2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 08:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4950
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 30 May 2023 10:35:34 GMT

GET
H2 200 main-logo.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 3 KB
2 KB 60ms
53ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/main-logo.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

589c9a6a159cf2ecc8555bc4457827f21002eaec9a24e3bc54401ed0b4d30ac8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/blog/api-security-best-practices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1527
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 30 Jan 2023 11:16:06 GMT
server: nginx
etag: "d82-5f379576be685-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 ti.png
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 6 KB
7 KB 73ms
66ms Image
image/png 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ti.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f0e3a799744c0c67782742af2c13b85f769b58abd04800a04853d26f60cf7314

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 5919
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "171f-5e27d5c025780"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: GF85Fq2ZtekNYxDmy6qV9ACVO7jdDIQ6SmIOtGc2rSIv6aXIrw4mrA==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 asm.png
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 6 KB
7 KB 46ms
39ms Image
image/png 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/asm.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

997d49d316b533985208f14602a1ff15a76bf6a567afbb6b6980629ca8d78bab

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 5941
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "1735-5e27d5c025780"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: 2QVRdO1OHDQW7k8QXHlOqQP9GhioiYeDbWDmIH4LaeGDxUl-3zCEFg==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 fp.png
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 8 KB
8 KB 71ms
64ms Image
image/png 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/fp.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

15534f98c260c3c3caaedf53335d912010b2de1731477a9fd4dbea89fb4995d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 7844
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "1ea4-5e27d5c025780"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: oS505nT1ZoXWj6EQ7LHgXq0N1YVaggQeDPKjMcXb2G9sWLOCroCHjA==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 drp.png
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 5 KB
6 KB 88ms
81ms Image
image/png 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/drp.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a300a894e169169882504968fae71958a87e0a4322e2aee1b6b0bbd63fd9621f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 5398
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "1516-5e27d5c025780"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: VEtYLPIjqQQvK4p1VN4uO_9udzRkVlN3DPLZn7YTWQXJret9Tz5zzg==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 mxdr.png
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 6 KB
7 KB 46ms
39ms Image
image/png 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/mxdr.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2be8ce2b065360537771ed230d5d72cbd84758ec127ffa035e6d260ed14af5b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 6506
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "196a-5e27d5c025780"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: KtoB68y0rTSL72PU-q4Ixjkfq9XZvSmVyhEvpS9fR4hhnioqJbB6vA==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 bep.png
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/ 6 KB
7 KB 64ms
58ms Image
image/png 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/main-nav/bep.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7574ba97d4ee7e81bd60873a52a31ff13359f246d0ac492ef2dabf96233a99e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 6362
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 28 Jun 2022 07:55:26 GMT
server: nginx
etag: "18da-5e27d5c025780"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: DIoxDvRbB_8tmtL_qgO0X3UBxp8zB73oACUbLekBAN_J9-Ird00YdQ==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 share-black.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 1 KB
584 B 66ms
60ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/share-black.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3689e488f5478e26f0347353ad608ccd66e4d62992021c51d9db93f89d43c880

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/blog/api-security-best-practices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 500
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 Nov 2022 11:16:45 GMT
server: nginx
etag: "468-5ee0d4eb0feca-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 wb_sunny-black.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 724 B
505 B 69ms
63ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/wb_sunny-black.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cc5dcea4d483d798630d7fe0846a1b784618aa3d4f86bdfa655083d81750322a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/blog/api-security-best-practices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 385
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 22 Nov 2022 11:16:45 GMT
server: nginx
etag: "2d4-5ee0d4eb0feca-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 moon.svg
www.group-ib.com/wp-content/themes/gib-theme/assets/images/ 627 B
447 B 59ms
53ms Image
image/svg+xml 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.group-ib.com/wp-content/themes/gib-theme/assets/images/moon.svg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dedf6c9294a8b9e4b13b1575641071e45c8e61235bd154d19103fd2893ccd708

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/blog/api-security-best-practices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 361
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 24 Nov 2022 12:37:03 GMT
server: nginx
etag: "273-5ee36a9860213-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 yla-25-1-e1685436493924.jpg
website.cdn.group-ib.com/wp-content/uploads/ 134 KB
135 KB 74ms
68ms Image
image/jpeg 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/uploads/yla-25-1-e1685436493924.jpg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

520bbd5b67e96f1b1aeb551a189dd2c680502b5383a3d4cbb4958b405e8551df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 137231
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 30 May 2023 08:48:13 GMT
server: nginx
etag: "2180f-5fce54382f646"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: fl2fNgQ_DpAayHHIti0l8HKFgqSfQob-FuZRFUI0utBo9P68b3IugQ==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 GIB-round-white.png
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/ 3 KB
4 KB 92ms
87ms Image
image/png 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/GIB-round-white.png

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3b63b449bde0f2c40eb23801ac24bd82666bd3a766c77b953ff75e6f3e257460

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 2866
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Dec 2022 15:23:27 GMT
server: nginx
etag: "b32-5ef529e6e43ce"
x-frame-options: sameorigin
content-type: image/png
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: w0IhSE_T4aHhyL-59BG6_eq6L19DXxKr8HXWsCaF-IETQgzbWhdVHw==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 sidewinder-apt-small.jpg
website.cdn.group-ib.com/wp-content/uploads/ 166 KB
167 KB 85ms
80ms Image
image/jpeg 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/uploads/sidewinder-apt-small.jpg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e96c06c45385abd38f348861a2c08f10ea357237609e0df2f05a3e03486d95d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 169888
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 May 2023 11:13:17 GMT
server: nginx
etag: "297a0-5fbf5e42b0cd9"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: ullEd5P05FWi5xiux2tqp2ieT5K8Sm6STa4usorO9i325uRZk9AxQw==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 qilin.jpg
website.cdn.group-ib.com/wp-content/uploads/ 60 KB
60 KB 57ms
52ms Image
image/jpeg 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/uploads/qilin.jpg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

bb17e3665ddcbbc687deb5cc1d91294ea5eccbb1dc8c429868e8980826a7ed23

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 61025
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 May 2023 11:26:55 GMT
server: nginx
etag: "ee61-5fbcdd942779b"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: hVsZaGpxpH6WRP9fGtIlP5YIM3eIwqeTeVQMNI_8jgV-x5jhOoxpsw==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 mxdr-blog-1.jpg
website.cdn.group-ib.com/wp-content/uploads/ 139 KB
140 KB 90ms
86ms Image
image/jpeg 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/uploads/mxdr-blog-1.jpg

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

45f4735fee499346d3bf9d23dfaa3025aaba8db1819516871aab49867b6e32d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:04 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 142607
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 16 May 2023 11:27:38 GMT
server: nginx
etag: "22d0f-5fbcddbd8a69a"
x-frame-options: sameorigin
content-type: image/jpeg
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: OutMP_Qrrnfr_miG1NSVYfZYx77K5fOYbwP7G2wavzZYh863HVys-w==
expires: Tue, 30 May 2023 09:58:03 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 214 KB
74 KB 190ms
66ms Script
application/javascript 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/js/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

5f4ad169d92e6672202eb340ddc857e11802d10ba2722b80ebe1b5d31371c2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 30 May 2023 06:12:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64756982-12485"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 74885
expires: Tue, 30 May 2023 10:58:04 GMT

POST
H2 200 admin-ajax.php
www.group-ib.com/wp-admin/ 264 B
800 B 3426ms
3425ms Fetch
text/html 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.group-ib.com/wp-admin/admin-ajax.php

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-72-181-255.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/blog/api-security-best-practices/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

content-security-policy: frame-ancestors 'self';
date: Tue, 30 May 2023 09:58:07 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff, nosniff
content-length: 216
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
x-frame-options: SAMEORIGIN, sameorigin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.group-ib.com, https://www.group-ib.com
cache-control: no-cache, must-revalidate, max-age=0, private, max-age=3600
access-control-allow-credentials: true
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
667 B 518ms
256ms Image
image/gif 2606:4700::6811:d5f3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5f3 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: fdeafa1a-18ac-4777-bfad-f22ec8065a24
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0f1a54d2-972f-4525-a767-26bc730aa2c9
server: cloudflare
x-trace: 2BBF3D4C232B5408001CE06F62317861D8FF307D73000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-j4dtm
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7cf61dd768259963-FRA

GET
H2 200 twitter-64.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 1 KB
1 KB 820ms
819ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/twitter-64.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ae9dad69229703dfa3b6d226c4c7d692e2f2809bf2475f22612824c2f7602efc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 554
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
etag: "426-5ee9716179e8a-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: CQ3AA6KTlvIjEK05BmGpmJfLMKV9mK_J5TCEaT9dMA2ne1hAQAJdOw==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 twitter-lbg.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 2 KB
2 KB 819ms
818ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/twitter-lbg.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

294fdc878aa8c42b19edc18d385880ad886397846aca640c305f3eb53a965e13

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 742
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
etag: "8f2-5ee9716179e8a-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: DJg85EHCuhU10nnLGWxwl07_MhKZEXbcKOYUyYOr6KhdTjfYB2XsPg==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 linkedin-64.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 919 B
1 KB 820ms
819ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/linkedin-64.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f4991587d5312981e74087707ed399bd3820d83f773e7773c013ce00d6835f28

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 470
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
etag: "397-5ee9716179e8a-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: t2-OPSN1L5La-Is1FCYQmVn7YCY9EBz3mI6YJuhB2mqyuoL2v1Z9Aw==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 linkedin-lbg.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 2 KB
1 KB 819ms
818ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/linkedin-lbg.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c33709a20ca4cd516d65b07a79c1d75445892fcb6d8c6f3871a47ab38d85e075

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 639
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
etag: "7ca-5ee9716179e8a-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: xzkvg8ZmBYqrZtX4DnY7i7E7MK2NY99j1m2B_TEUqA9_6Qh0Vshb8Q==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 telegram-64.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 1 KB
2 KB 47ms
46ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/telegram-64.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdc4d10b6b74ad79b55333b9882e854f054ee8b9953c6203dc46c68dc74eb0fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 787
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
etag: "5fc-5ee9716179e8a-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: ZjAIpz6KmclycYGS2udGcXU98wucCpfYiAbLaII0o-nblASBqsInUw==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2 200 telegram-lbg.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 3 KB
2 KB 818ms
817ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/telegram-lbg.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ac57c7130d61697977d2ed1796c27eefed8249083472716e474e5604b20636aa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:04 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 949
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
etag: "bf1-5ee9716179e8a-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: w6TjV59eKFSRyDDGPQReOCklI_jQyE8QK-rx6I4ueaSmFtn3HelX8A==
expires: Tue, 30 May 2023 10:28:04 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4443393&time=1685440684505&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4443393&time=1685440684505&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&cookiesTest=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4443393&time=1685440684505&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&cookiesTest=true&e_ipv6=AQJ5EYt9C2s_mgAAAYh...

0
266 B

247ms
191ms

Image
application/javascript

13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4443393&time=1685440684505&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&cookiesTest=true&e_ipv6=AQJ5EYt9C2s_mgAAAYhsF-T4J4e_saZ_7K2URWisuyq4e1GPaJqNjN33rGGMQy0-eQG2l0BRf8Xtkin0qlpD1F4Xa2pm1Q
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/
Protocol: H2
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 0F25A2525B78449EBEC3D83A77A1E351 Ref B: DUS30EDGE0909 Ref C: 2023-05-30T09:58:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX85j1bsHABemN5xkJP5g==

Redirect headers

date: Tue, 30 May 2023 09:58:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9467651444BE4FADB5029534E05E5E23 Ref B: FRAEDGE1908 Ref C: 2023-05-30T09:58:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4443393&time=1685440684505&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&cookiesTest=true&e_ipv6=AQJ5EYt9C2s_mgAAAYhsF-T4J4e_saZ_7K2URWisuyq4e1GPaJqNjN33rGGMQy0-eQG2l0BRf8Xtkin0qlpD1F4Xa2pm1Q
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX85j1WUKphSFogWQnZNw==

GET
H2 200 6si.min.js Show response
j.6sc.co/ 35 KB
11 KB 114ms
36ms Script
application/javascript 2.16.187.155

General

Check archive.org

Show headers Download Go to

Full URL

https://j.6sc.co/6si.min.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.155 -, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 May 2023 00:27:16 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "64641f64-8a3f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, no-cache, proxy-revalidate
accept-ranges: bytes
content-length: 11052
expires: Tue, 30 May 2023 09:58:04 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 107ms
30ms Script
application/javascript 146.75.120.157

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220064-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 150ms
81ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

c5100cd90a95aa459fe237adc409043e20f8fd06caa5cd3b74d66f79387ae0fb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 May 2023 09:58:04 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27498
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: av7i/LU4d3WgDC29CJAiEf53M4u1dp2HbJzGFoBgxop/qCspfcjA9S/GNntSgNuOi//5hDzLgl4CkC/gNcGXUQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 NeverBounce.js Show response
cdn.neverbounce.com/widget/dist/ 96 KB
29 KB 403ms
4ms Script
application/javascript 13.225.78.65

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.65 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 23:55:25 GMT
content-encoding: gzip
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
last-modified: Mon, 02 Mar 2020 18:37:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 36160
etag: W/"c1e06621030dfcba15b88abbcaa546eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: bWk9eEEf7GfJXMQshElKNWYT_-WEHnK1fX9QRd7JWQ4hwjjnsPbXXw==

GET
H2 200 63e267f61a03d71ea3df5fe7 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 221ms
152ms Script
text/javascript 2606:4700::6810:a852

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/63e267f61a03d71ea3df5fe7

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 -, , ASN (),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b876892af49a0987d964b76a6e6317d79c00ba6471902985fb3db020b93e3e52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/blog/api-security-best-practices/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7cf61dd6c95435f6-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
87 KB 51ms
49ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QMES53K3Y2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

884314ddd17691acdb5c52114ecfd76e4d0894abf7270f1be03683d805c4d168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:04 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 30 May 2023 09:58:04 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4496601%252C4443393%26time%3D1685440684535%26url%3Dhttps%253A%252F%252Fwww.group-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2&cookiesTest=true&liSync=...

0
144 B

186ms
186ms

Image
application/javascript

13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJlAGiVbu_eJQAAAYhsF-Yo-tquuvMRqL77j7dVr3GjgDsKDN7HwdqkbK_dEmQSQVqFQXz3d1bVL28_7OsLBYI09AHenw
Requested by: Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/
Protocol: H2
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6D2D8FF7FB794AA3B56968DE3129E012 Ref B: DUS30EDGE0909 Ref C: 2023-05-30T09:58:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX85j1d0BG/1hwf9ocghQ==

Redirect headers

date: Tue, 30 May 2023 09:58:05 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7378A3AADA50473295B8A0BD0E728DBB Ref B: FRAEDGE1908 Ref C: 2023-05-30T09:58:05Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601%2C4443393&time=1685440684535&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJlAGiVbu_eJQAAAYhsF-Yo-tquuvMRqL77j7dVr3GjgDsKDN7HwdqkbK_dEmQSQVqFQXz3d1bVL28_7OsLBYI09AHenw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX85j1a5l9HQ3Qp/6VQIw==

GET
H2 200 counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
670 B 374ms
30ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 2d10f2d1-32d2-436e-aceb-cd019a9344d4
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f3514545-59db-4ecd-8f8f-2c29cc9940c9
server: cloudflare
x-trace: 2B8E6336C6C7C3031A58659010C36CEEAC11F0AE6F000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-79bb87d888-p4pw9
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7cf61ddb3d459101-FRA

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 116 B
475 B 45ms
26ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=25755956&utk=
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f22362329b9705cf8629061fb5b1d1a38f1cc2bc9fd46728f73e5cd9eb77cf

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 77040f3a-0dd9-459b-9448-eb087d686753
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e76b53a8-1557-47cb-9b81-63a17c331c8f
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.group-ib.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-5b45bc9bc5-nqkr5
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7cf61dd9dce51c1c-FRA

GET
H2 200 json Show response
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 250 B
1 KB 335ms
44ms XHR
application/json 2a06:98c1:3200::90:0

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=25755956

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:0 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

fc50d7c745b4b7ad268ab0c4a71b545dab230889a7f171a29e4a6534041f65bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 842ae8ce-6d24-4e26-beda-b5e5fc42a8a7
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 075956cd-587f-4047-bca5-2de854507a31
server: cloudflare
x-trace: 2BBBA5B8A3C695ABA250BBB56BCEC5AFF4EA1D10F6000000000000000000
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.group-ib.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-6568b767df-cx5bl
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b8ZKBew7V3XOkL91%2BSwBX0iUJueUTPQltZLI1KvGLY03KpwZvpLyTvAMYn0cvdexgGPvcEeJNBQosOdSsje%2Fl2Xtx3GUMTB6xutuKWVZvADj2vrI2r5d5a%2BSr4Pz3F86vQxRbYp%2FpQu4pyMi7i5y3A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 7cf61ddb9d459bf2-FRA
access-control-allow-headers: *

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 21ms
20ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=2109449339&t=pageview&_s=1&dl=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&ul=en-us&de=UTF-8&dt=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1014647611&gjid=1287802137&cid=485761417.1685440685&tid=UA-25492706-2&_gid=1552060836.1685440685&_r=1&gtm=457e35o0&jsscut=1&z=1877629535

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 82ms
24ms XHR
text/plain 2a00:1450:400c:c0d::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-25492706-2&cid=485761417.1685440685&jid=1506431367&gjid=786524230&_gid=1552060836.1685440685&_u=YGDAgUABAAAAAGAEK~&z=1295058548

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
10ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2109449339&t=pageview&_s=1&dl=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&ul=en-us&de=UTF-8&dt=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAAAACAEK~&jid=1506431367&gjid=786524230&cid=485761417.1685440685&tid=UA-25492706-2&_gid=1552060836.1685440685&gtm=45He35o0n71PW7265&cg1=COM%3A%20Blog%20and%20Media&cd1=485761417.1685440685&z=843952713

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 04:28:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19772
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 fl Show response
www.group-ib.com/api/ 665 B
853 B 47ms
45ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl?u=69270af0-fe18-11ed-b99a-d752889094b4&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=WhmWFpLwwsskKzpHhQKYZCeuufyCBDSH6Wux5BF6zK3%2F0jQB2iAWbKZj26ajWHLARmGAJLlD%2FEEkEY3YB1eULgiOEN%2BFngoV93b8LvZGHJMUrsVLC2GzGcVb4LkR71%2ByDd7tLmmkmqlCTwkfzLeVXjsqsNupY%2BOm0sL9
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: c40778be7e878f6e71da2853df07c82f1bcbf205300dbcb2a818b77566d3f869

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: 5D5A7S1EXopEKVThtgV0kDg/7K5S1QHqsneHvFy2WlFaBZYhxLAuxMD1/pp9E2z2b26aAv6SAbEHtYEJWILB2u+cAjzIOTE1mzZ5h8h3ChmX8ErKGpN8moipVE4gPsgk+yUVGto0PwFl68KPfe8XK4sIqRt3PUFkrLDlW8ETz9ksYsS65w+xsrPw6eQrXiT9xoV4mA6mvNV5GI1F2SlCm3HylYFxq0pXNOMdpD9mx+R9dlCJhgipuQuJeFYReg==
Referer: https://www.group-ib.com/blog/api-security-best-practices/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: OBzAb7420db2e42665d226dda51a94bbf50192c9
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
content-encoding: gzip
server: istio-envoy
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7

GET
H2 200 counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
204 B 378ms
73ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: dfb4afe2-2d75-4e14-8b04-d2d425acd48d
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e139f9ae-d1af-4158-bad3-a66b8bdc8e45
server: cloudflare
x-trace: 2B2E1DBA867C9E257EF8857455E860A9DEBD86AA24000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-79bb87d888-p4pw9
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7cf61ddcbf829101-FRA

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10019.scT8iraSQccebNXav3fdJnaxJMJzupHwfV22C0SA11c3R8dh1bvLNj8qvhS5fBG2.BtKZWZbpMKxcU6UDol-_TLhP2fQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10019.dVsHQOKi16CgjM7b-04h7JexqhLPh09MIlvhg5ZwL_fxKBFc40Vo06zQlj9j9S43a4vyzpi6OCV6WZ6eqp60utE0S5sevGhuB0DgO97uVT8%2C.fM2CSetBEcTBA7b1RJiVf1WnuPE%2C

43 B
67 B

68ms
68ms

Image
image/gif

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=10019.dVsHQOKi16CgjM7b-04h7JexqhLPh09MIlvhg5ZwL_fxKBFc40Vo06zQlj9j9S43a4vyzpi6OCV6WZ6eqp60utE0S5sevGhuB0DgO97uVT8%2C.fM2CSetBEcTBA7b1RJiVf1WnuPE%2C

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=10019.dVsHQOKi16CgjM7b-04h7JexqhLPh09MIlvhg5ZwL_fxKBFc40Vo06zQlj9j9S43a4vyzpi6OCV6WZ6eqp60utE0S5sevGhuB0DgO97uVT8%2C.fM2CSetBEcTBA7b1RJiVf1WnuPE%2C
date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 notify Show response
api.neverbounce.com/v4/poe/ 62 B
282 B 347ms
107ms Script
application/javascript 107.21.40.231

General

Check archive.org

Show headers Download Go to

Full URL

https://api.neverbounce.com/v4/poe/notify?key=public_feedec8c69cd171b06421bb96273f04d&event=form.load&callback=__neverbounce_183382

Requested by

Host: cdn.neverbounce.com
URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.40.231 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

1e1aef19c5615e1e174346af6d5c1e86065b123d8931b9ae559e8900c38734c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private
x-ua-compatible: IE=Edge

GET
H2 200 notify Show response
api.neverbounce.com/v4/poe/ 63 B
282 B 362ms
122ms Script
application/javascript 107.21.40.231

General

Check archive.org

Show headers Download Go to

Full URL

https://api.neverbounce.com/v4/poe/notify?key=public_feedec8c69cd171b06421bb96273f04d&event=form.load&callback=__neverbounce_151709

Requested by

Host: cdn.neverbounce.com
URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.40.231 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

83f071f21280a5e64742fcf0f1d633d36470488059ede6ffc4174fb74ff71281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private
x-ua-compatible: IE=Edge

GET
H2 200 notify Show response
api.neverbounce.com/v4/poe/ 62 B
281 B 347ms
108ms Script
application/javascript 107.21.40.231

General

Check archive.org

Show headers Download Go to

Full URL

https://api.neverbounce.com/v4/poe/notify?key=public_feedec8c69cd171b06421bb96273f04d&event=form.load&callback=__neverbounce_642550

Requested by

Host: cdn.neverbounce.com
URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

107.21.40.231 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

87529cdcb37996a86356548eea055805fdfeb0865278efb9f2f3614ebc882e29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache, private
x-ua-compatible: IE=Edge

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 74ms
37ms Image
image/gif 2a00:1450:4001:808::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-25492706-2&cid=485761417.1685440685&jid=1506431367&_u=YGDAgUABAAAAAGAEK~&z=438824180

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 72ms
34ms Image
image/gif 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-25492706-2&cid=485761417.1685440685&jid=1506431367&_u=YGDAgUABAAAAAGAEK~&z=438824180

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
137 B 65ms
64ms Image
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30 May 2023 06:12:02 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64756982-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 30 May 2023 10:58:05 GMT

GET
H2 200 / Show response
c.6sc.co/ 7 B
203 B 37ms
35ms XHR
text/html 2.16.187.155

General

Check archive.org

Show headers Download Go to

Full URL: https://c.6sc.co/
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.187.155 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/html
access-control-allow-origin: https://www.group-ib.com
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 7

GET
H2 200 / Show response
ipv6.6sc.co/ 36 B
339 B 79ms
16ms XHR
text/html 2a02:26f0:480:23::1726:62a7

General

Check archive.org

Show headers Download Go to

Full URL: https://ipv6.6sc.co/
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:23::1726:62a7 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b582fc82cbb62bd258392616702d7e7aa1d4a4a1c4cb23bfec2bc528c8b4a72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
vary: Origin
content-type: text/html
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=0, no-cache, no-store
6si-ipv6: 2a02:6ea0:c71b:0:1011:5a7c:f71d:a70b
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="468177_388391911_780498721_29_1008_14_0";dur=1
content-length: 36
expires: Tue, 30 May 2023 09:58:05 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 223ms
219ms Image
image/gif 2.16.187.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=d5bd26f1-24b6-4689-8a87-9a02b304d1f7&session=2886fa21-6782-4c67-8c1f-fd13a281b877&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Tue%2C%2030%20May%202023%2009%3A58%3A05%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2030%20May%202023%2009%3A58%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22e84d9c08a990af8592952e7ac9a983ad%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2030%20May%202023%2009%3A58%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Tue%2C%2030%20May%202023%2009%3A58%3A05%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Security%20misconfiguration%2C%20excessive%20data%20exposure%2C%20and%20injections%20top%20three%20API%20vulnerability%20types%20for%20financial%20and%20tech%20firms.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog%22%7D&cb=&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pageViewId=12b23399-0164-4a7e-8b39-24442bbc034a

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.155 -, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 152ms
112ms Image
image/gif 104.244.42.5

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6decd830-b026-4e70-b6cf-ec81b6d2eb59&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c0acfb9c-d29a-4c59-84ac-167a5a0fd4cf&tw_document_href=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6fwj&type=javascript&version=2.3.29

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 -, , ASN (),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 103
date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a141a5b57d1c5144
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a1f8f337122a01c22150b57d330d30e8d73f6a81aa40b19426a9cbac709b3a99
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 169ms
116ms Image
image/gif 104.244.42.131

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6decd830-b026-4e70-b6cf-ec81b6d2eb59&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c0acfb9c-d29a-4c59-84ac-167a5a0fd4cf&tw_document_href=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6fwj&type=javascript&version=2.3.29

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 -, , ASN (),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-response-time: 104
date: Tue, 30 May 2023 09:58:04 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e2daa1fb44319c8c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 2f6fc951dc42f9c323d1b99eecaff0b55dce848f16fd4824bb1b3e9ba5741d2d
content-length: 43

GET
H2 200 649324202964935 Show response
connect.facebook.net/signals/config/ 379 KB
108 KB 91ms
88ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/649324202964935?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

12d3f6c46cfa13bd4236130c8388e8722111e88cfc3a53b22f6dd6b499db3633

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 May 2023 09:58:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: X891EHqiF1upORzhNz8HrnHwIBSLiiMrdQKrgtlYaz5p9szwVgsh765JINEmb0O4mIlKc367h91IjSO7vBYScQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 85ms
26ms Ping
text/plain 2001:4860:4802:32::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-QMES53K3Y2&gtm=45je35o0&_p=2109449339&_gaz=1&cid=485761417.1685440685&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1685440685&sct=1&seg=0&dl=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&dr=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&dt=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&en=page_view&_fv=1&_ss=1
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 26ms
22ms Ping
text/plain 2a00:1450:400c:c0d::9b

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMES53K3Y2&cid=485761417.1685440685&gtm=45je35o0&aip=1
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0d::9b -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 38ms
35ms Image
image/gif 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMES53K3Y2&cid=485761417.1685440685&gtm=45je35o0&aip=1&z=1441828918

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 47ms
28ms XHR
text/plain 2a00:1450:400c:c0d::9b

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-25492706-2&cid=485761417.1685440685&jid=1014647611&gjid=1287802137&_gid=1552060836.1685440685&_u=YEBAAUAAAAAAACAAI~&z=1315315069

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.group-ib.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 41ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10882981508

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

720f8d59a77a6a287fbb620d483e91f1e3000e83a4377c3f853726fa7a75b47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74901
x-xss-protection: 0
last-modified: Tue, 30 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 May 2023 09:58:05 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 51ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-10882981508&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-25492706-2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c573b359c9b46db1e7a595e6fe07a09f5050e71cc12368c050cfca225dc3c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74908
x-xss-protection: 0
last-modified: Tue, 30 May 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 30 May 2023 09:58:05 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
494 B 211ms
210ms Image
image/gif 2.16.187.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=d5bd26f1-24b6-4689-8a87-9a02b304d1f7&session=2886fa21-6782-4c67-8c1f-fd13a281b877&event=ipv6&q=%7B%22address%22%3A%222a02%3A6ea0%3Ac71b%3A0%3A1011%3A5a7c%3Af71d%3Aa70b%22%7D&isIframe=false&m=%7B%22description%22%3A%22Security%20misconfiguration%2C%20excessive%20data%20exposure%2C%20and%20injections%20top%20three%20API%20vulnerability%20types%20for%20financial%20and%20tech%20firms.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog%22%7D&cb=&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pageViewId=12b23399-0164-4a7e-8b39-24442bbc034a

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.155 -, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 02:04:22 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f03226-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 35ms
33ms Image
image/gif 2a00:1450:4001:808::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-25492706-2&cid=485761417.1685440685&jid=1014647611&_u=YEBAAUAAAAAAACAAI~&z=1414019757

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 37ms
35ms Image
image/gif 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-25492706-2&cid=485761417.1685440685&jid=1014647611&_u=YEBAAUAAAAAAACAAI~&z=1414019757

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 109ms
73ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=649324202964935&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&rl=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&if=false&ts=1685440685541&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685440685539.820968305&cs_est=true&it=1685440685367&coo=false&rqm=GET

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 May 2023 09:58:05 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10882981508/ 3 KB
2 KB 71ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10882981508/?random=1685440685600&cv=11&fst=1685440685600&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&ref=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&hn=www.googleadservices.com&frm=0&tiba=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1284728584.1685440686&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10882981508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

eb386f9476888fca943822629cb75b5d1addf3f2a2ff6ef8cc3b5647f6c18a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/10882981508/ 42 B
64 B 20ms
19ms Image
image/gif 2a00:1450:4001:808::2004

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10882981508/?random=1685440685600&cv=11&fst=1685437200000&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&ref=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&frm=0&tiba=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=59268667&rmt_tld=0&ipr=y

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10882981508/ 42 B
64 B 35ms
34ms Image
image/gif 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10882981508/?random=1685440685600&cv=11&fst=1685437200000&bg=ffffff&guid=ON&async=1&gtm=45be35o0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&ref=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&frm=0&tiba=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=59268667&rmt_tld=1&ipr=y

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/26812653/
Redirect Chain

https://mc.yandex.com/watch/26812653?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22...
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%...

435 B
769 B

58ms
57ms

XHR
application/json

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A651%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A716715038822%3Ahid%3A720523766%3Az%3A0%3Ai%3A20230530095805%3Aet%3A1685440685%3Ac%3A1%3Arn%3A395251845%3Arqn%3A1%3Au%3A1685440685847244095%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C30%2C9%2C1%2C0%2C%2C699%2C107%2C%2C%2C%2C815%3Aco%3A0%3Acpf%3A1%3Ans%3A1685440683567%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685440686%3At%3ABridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

7742816e25adf971d4d8d64684af3a887faf2950d768debeff5d602153c80912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Tue, 30-May-2023 09:58:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Tue, 30-May-2023 09:58:05 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30-May-2023 09:58:05 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/26812653/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22d%2Fn%2Fq%2Fr%2Fs%2Ft%22%7D&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afp%3A651%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A0%3Als%3A716715038822%3Ahid%3A720523766%3Az%3A0%3Ai%3A20230530095805%3Aet%3A1685440685%3Ac%3A1%3Arn%3A395251845%3Arqn%3A1%3Au%3A1685440685847244095%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C30%2C9%2C1%2C0%2C%2C699%2C107%2C%2C%2C%2C815%3Aco%3A0%3Acpf%3A1%3Ans%3A1685440683567%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685440686%3At%3ABridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://www.group-ib.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 30-May-2023 09:58:05 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10019.WvUND37lCmktffl10kH6ZmemcyenrpXJlA_-7GbMzJ35N1RGxJkzbS9VG_hPRl5F.lUrr7yRCznHVPgn8LOxaKVCRtW8%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10019.fwvlD58hNfhta1u3CU1-fJYe44bxyybL8Ok_deQZLgRUOaqkGzinsHlDhmug4g0zjkLLzrzfEnipVAjZDZ6QBn_IZX8uVEJOUh1BM0MNVc8%2C.5Sk_Akk1z4vyiBCw7...

43 B
103 B

73ms
66ms

Image
image/gif

2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10019.fwvlD58hNfhta1u3CU1-fJYe44bxyybL8Ok_deQZLgRUOaqkGzinsHlDhmug4g0zjkLLzrzfEnipVAjZDZ6QBn_IZX8uVEJOUh1BM0MNVc8%2C.5Sk_Akk1z4vyiBCw7v3TDuKKluw%2C

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10019.fwvlD58hNfhta1u3CU1-fJYe44bxyybL8Ok_deQZLgRUOaqkGzinsHlDhmug4g0zjkLLzrzfEnipVAjZDZ6QBn_IZX8uVEJOUh1BM0MNVc8%2C.5Sk_Akk1z4vyiBCw7v3TDuKKluw%2C
date: Tue, 30 May 2023 09:58:05 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
265 B 43ms
30ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 08b98614-7b2c-4c84-a79c-989d0390b4d8
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 27d0ac13-517b-4eda-a780-404f3d70c20c
server: cloudflare
x-trace: 2BF70346A89A391FDB9D5C220E562C4D67F7964DE9000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-79bb87d888-m76dn
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7cf61ddfeb8b9101-FRA

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 7BD0 0
73 B 31ms
0ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.group-ib.com
URL: https://www.group-ib.com/blog/api-security-best-practices/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.group-ib.com
Referer: https://www.group-ib.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.group-ib.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 09:58:06 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 709834390277869 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/709834390277869?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 -, , ASN (),

Reverse DNS

Software

Resource Hash

1196f279a6c7440fd6e93fe91c0756ddadf1b5766e02a292da96404e2e6c3ff9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 30 May 2023 09:58:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: FLjAktOsnF6KqZqLSanbJ53KhlaJpQafbrQ+Tq39qVNrge06zklzla+szrea3sDA6pKoOrokxPtTDW+qFL/UCw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 61ms
36ms Image
image/gif 172.65.240.166

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=25755956&rcu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&t=Bridging+the+gap%3A+How+to+leverage+API+security+best+practices+to+combat+top+3+vulnerability+types+%7C+Group-IB+Blog&cts=1685440686122&vi=80f4e8e38c75ff3450789a2356a539b8&nc=true&u=84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1&b=84897990.1.1685440686111&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: db3db4f1-d771-4de7-9120-12928eb2e98b
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 138f4a36-55f2-42a1-8923-4e99a54bfac1
last-modified: Tue, 30 May 2023 09:58:06 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWYago3ucCZw8E6rh2kS3tpsCeAp%2F5fMdqw3r4wbPeSr6hnLCC2nUXcScxIryHEuerMx3suwudu0GRxjVkAXbjdKxEphiFnepY4i51cNE49Juo%2B89DDBWAhmt8eMjijKli7FyrcH9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-58947f5fdd-h84d7
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7cf61de07ac03831-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
626 B 34ms
33ms Image
image/gif 172.65.240.166

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=044e7558-8073-478a-ad3c-5807dd76840f&fci=8dda3e56-946b-45f1-855c-d45a6bc741dc&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=25755956&rcu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&t=Bridging+the+gap%3A+How+to+leverage+API+security+best+practices+to+combat+top+3+vulnerability+types+%7C+Group-IB+Blog&cts=1685440686126&vi=80f4e8e38c75ff3450789a2356a539b8&nc=true&u=84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1&b=84897990.1.1685440686111&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 355af714-1141-481d-a519-9cd80343fbcc
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a1a74d12-3abb-4a01-a630-f63f1f798689
last-modified: Tue, 30 May 2023 09:58:06 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOuNPvcWdQk2RJWw3nCWthgixeAwrC8TImfNdXHzC7I90kg8u5Ffy0xUXM8f7ZHZNaIANcmj8av%2FkQvFmnTKrCbQtb9Pje8WDSLMOpBH0sL7EZXFGswgvk8UNrLRpYptoBpUiHtu5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-58947f5fdd-m9j4k
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7cf61de09adb3831-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
636 B 37ms
35ms Image
image/gif 172.65.240.166

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=17&fi=044e7558-8073-478a-ad3c-5807dd76840f&fci=8dda3e56-946b-45f1-855c-d45a6bc741dc&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=25755956&rcu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&t=Bridging+the+gap%3A+How+to+leverage+API+security+best+practices+to+combat+top+3+vulnerability+types+%7C+Group-IB+Blog&cts=1685440686127&vi=80f4e8e38c75ff3450789a2356a539b8&nc=true&u=84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1&b=84897990.1.1685440686111&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4554c3a6-28e5-48f1-b2cc-d372f98f1438
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3ac59839-2915-464c-9110-d0ebd7fd6cbf
last-modified: Tue, 30 May 2023 09:58:06 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ziab6m1xOOnwU%2FXCIO8U9Wt093JQlUXCGJK5eNIIy4xJdTnWcO00tKcBI7g7QewIGQnUz0dm46maJT%2BkHZ0xP6SrqRFtx6N0DOl9k8roLltbNr%2B1m7OrMF8%2Btu8pRvH0YQUWV6aCxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-58947f5fdd-44rts
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7cf61de09adc3831-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
630 B 53ms
51ms Image
image/gif 172.65.240.166

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=4dbceae1-75ae-423a-9c12-dee8f1ca3345&fci=b6390e52-58ea-49e4-a18c-832119abcb57&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=25755956&rcu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&t=Bridging+the+gap%3A+How+to+leverage+API+security+best+practices+to+combat+top+3+vulnerability+types+%7C+Group-IB+Blog&cts=1685440686128&vi=80f4e8e38c75ff3450789a2356a539b8&nc=true&u=84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1&b=84897990.1.1685440686111&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ec161ec4-faa1-4e27-83b7-5573446a98e9
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 73f0fd9d-1600-4a02-8424-de6b8d8a945b
last-modified: Tue, 30 May 2023 09:58:06 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4mg5E5AAH93GbGNl5f59nncS65ksQiopGqRDnbSJImHAilMz49VSCAXmlNCigbei3yDjAcvSsviyPY30o2b%2BhVfGAbroR3t0Ed%2FTGP3PnKCSQlkrlS89f5viF3WiTjDT8bumvr7odw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-58947f5fdd-x2249
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7cf61de09ade3831-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 51ms
49ms Image
image/gif 172.65.240.166

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=17&fi=4dbceae1-75ae-423a-9c12-dee8f1ca3345&fci=b6390e52-58ea-49e4-a18c-832119abcb57&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=25755956&rcu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&t=Bridging+the+gap%3A+How+to+leverage+API+security+best+practices+to+combat+top+3+vulnerability+types+%7C+Group-IB+Blog&cts=1685440686130&vi=80f4e8e38c75ff3450789a2356a539b8&nc=true&u=84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1&b=84897990.1.1685440686111&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 61669a8b-3a1b-4f03-aa0f-532e4b5471cb
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ac541fda-e124-4f6b-ba8d-012f9e851c0a
last-modified: Tue, 30 May 2023 09:58:06 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wIWi8NC4j6MjOTS0y0DHuh9Gu8Kf3Nv3ccdAuf4yp8Ag7U7XJUHXcmZdOwrNlFCCcjMPxuyo%2B08Te5M89LXM34%2BgN0FZQ3bOEEKVVV6U4dHkka3BZMkxHU01LvdwN942W0bTxQDmiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-58947f5fdd-pfms8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7cf61de09adf3831-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
639 B 52ms
50ms Image
image/gif 172.65.240.166

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=15&fi=55a22738-d5a5-43f9-9c1c-fa4c1a6eb349&fci=9a8077c0-f0b9-4e55-87d7-f126a8c38b00&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=25755956&rcu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&t=Bridging+the+gap%3A+How+to+leverage+API+security+best+practices+to+combat+top+3+vulnerability+types+%7C+Group-IB+Blog&cts=1685440686131&vi=80f4e8e38c75ff3450789a2356a539b8&nc=true&u=84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1&b=84897990.1.1685440686111&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: a0a1e4c3-7ce1-4e33-b2bf-5758ee5f5fd4
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 4
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0ad64ce5-9f73-4318-9b1b-6042b474e24d
last-modified: Tue, 30 May 2023 09:58:06 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgIyEjhrKZ%2BWLVs5pe4gI2niD3lf14FbEX5sBYJYJ1Qg0Sjlzs3z5yYyt3QteG0oqF3eLhkjC8ddVYEZF6Fn7%2FngkU54jTnnDJyv8eoyyDSE%2FAhlvc%2Fsc3%2FB5dN%2Fntc%2F4nqqLwPleg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-58947f5fdd-qxgr9
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7cf61de09ae03831-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 54ms
52ms Image
image/gif 172.65.240.166

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=17&fi=55a22738-d5a5-43f9-9c1c-fa4c1a6eb349&fci=9a8077c0-f0b9-4e55-87d7-f126a8c38b00&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1944070336&v=1.1&a=25755956&rcu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pu=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&t=Bridging+the+gap%3A+How+to+leverage+API+security+best+practices+to+combat+top+3+vulnerability+types+%7C+Group-IB+Blog&cts=1685440686132&vi=80f4e8e38c75ff3450789a2356a539b8&nc=true&u=84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1&b=84897990.1.1685440686111&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 0f012a10-6276-4a73-81d3-b3884b517c03
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7757284b-b3cf-4c9d-a75b-2dd576a26219
last-modified: Tue, 30 May 2023 09:58:06 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SD5KHQkgy3vTooLKAALLPbnlBYdjwyK%2FjxIdpSmZh04OqMzcXQa7iqU3KIZDxNDr59St8G4496akIS78EBpQiHddCEvSwENO5CoMJz%2Fwo7sZIRxRwnmqiEXJXPKdvl6YSJ%2Fqcl%2FUgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-58947f5fdd-pfms8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 7cf61de09ae23831-FRA
x-robots-tag: none

GET
H2 200 facebook-64.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 627 B
1 KB 76ms
74ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/facebook-64.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f006e8bbfa4f0537780571436b5bed50ff10ff28759924c53b67732ec5af28ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:06 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 376
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
etag: "273-5ee9716178eea-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: jQC_tSUCOf6xqZRuT0zgwlHo9jwi_dzHzpvHBKTrC2a7epjiYdrw3w==
expires: Tue, 30 May 2023 10:28:06 GMT

GET
H2 200 facebook-lbg.svg
website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/ 1 KB
1 KB 48ms
46ms Image
image/svg+xml 2600:9000:225b:1800:9:7af6:1700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/images/socials/facebook-lbg.svg

Requested by

Host: website.cdn.group-ib.com
URL: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:225b:1800:9:7af6:1700:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1e0e607b314623cf3e5ba71869ca47d1549556369988daa5e8a1bf56559c2973

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://website.cdn.group-ib.com/wp-content/themes/gib-theme/assets/css/single-blog-post.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self';
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 30 May 2023 09:58:06 GMT
via: 1.1 32700c539a5f821aadd3624288c4aeb6.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-length: 522
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 29 Nov 2022 07:39:21 GMT
server: nginx
etag: "4f0-5ee9716178eea-gzip"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://www.group-ib.com
cache-control: max-age=1800, private, max-age=3600
permissions-policy: accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges: bytes
x-amz-cf-id: r_kbI4_8C9A8D74Y5yPtfSKDSo5tKHIUD7T-b5wtQWSXTM5k_UdABg==
expires: Tue, 30 May 2023 10:28:06 GMT

POST
H2 200 1
mc.yandex.com/watch/26812653/ 43 B
74 B 268ms
267ms XHR
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&charset=utf-8&hittoken=1685440685_659b0121bb91cb23fd6b26920b82b96752d11d6eee47529c71abbf0334894dee&browser-info=pa%3A1%3Aar%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A1%3Als%3A716715038822%3Ahid%3A720523766%3Az%3A0%3Ai%3A20230530095805%3Aet%3A1685440686%3Ac%3A1%3Arn%3A207517402%3Arqn%3A2%3Au%3A1685440685847244095%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1685440683567%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685440686&t=gdpr(14)mc(p-3)clc(0-0-0)rqnt(2)lt(84300)aw(1)ti(2)

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30-May-2023 09:58:06 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://www.group-ib.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 30-May-2023 09:58:06 GMT

POST
H2 200 1
mc.yandex.com/watch/26812653/ 43 B
74 B 267ms
266ms XHR
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&charset=utf-8&hittoken=1685440685_659b0121bb91cb23fd6b26920b82b96752d11d6eee47529c71abbf0334894dee&browser-info=pa%3A1%3Aar%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A1%3Als%3A716715038822%3Ahid%3A720523766%3Az%3A0%3Ai%3A20230530095805%3Aet%3A1685440686%3Ac%3A1%3Arn%3A604980538%3Arqn%3A3%3Au%3A1685440685847244095%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1685440683567%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685440686&t=gdpr(14)mc(p-3)clc(0-0-0)rqnt(3)lt(84300)aw(1)ti(2)

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30-May-2023 09:58:06 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://www.group-ib.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 30-May-2023 09:58:06 GMT

POST
H2 200 1
mc.yandex.com/watch/26812653/ 43 B
122 B 266ms
265ms XHR
image/gif 2a02:6b8::1:119

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?page-url=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&charset=utf-8&hittoken=1685440685_659b0121bb91cb23fd6b26920b82b96752d11d6eee47529c71abbf0334894dee&browser-info=pa%3A1%3Aar%3A1%3Avf%3A7g4yzra6nxw2gnzj738gkwv%3Afu%3A1%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1051%3Acn%3A1%3Adp%3A1%3Als%3A716715038822%3Ahid%3A720523766%3Az%3A0%3Ai%3A20230530095805%3Aet%3A1685440686%3Ac%3A1%3Arn%3A611640921%3Arqn%3A4%3Au%3A1685440685847244095%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1685440683567%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1685440686&t=gdpr(14)mc(p-3)clc(0-0-0)rqnt(4)lt(84300)aw(1)ti(2)

Requested by

Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.group-ib.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 30-May-2023 09:58:06 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: image/gif
access-control-allow-origin: https://www.group-ib.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 30-May-2023 09:58:06 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 23ms
19ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2109449339&t=timing&_s=2&dl=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&ul=en-us&de=UTF-8&dt=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2541&pdt=9&dns=0&rrt=1&srt=30&tcp=0&dit=740&clt=815&_gst=709&_gbt=1513&_u=YGDAAUABAAAAAGAEK~&jid=&gjid=&cid=485761417.1685440685&tid=UA-25492706-2&_gid=1552060836.1685440685&gtm=457e35o0&z=1856832852

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 04:28:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=2109449339&t=timing&_s=2&dl=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&ul=en-us&de=UTF-8&dt=Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2541&pdt=9&dns=0&rrt=1&srt=30&tcp=0&dit=740&clt=815&_gst=709&_gbt=1513&_u=YGDAgUABAAAAAGAEK~&jid=&gjid=&cid=485761417.1685440685&tid=UA-25492706-2&_gid=1552060836.1685440685&gtm=45He35o0n71PW7265&cg1=COM%3A%20Blog%20and%20Media&cd1=485761417.1685440685&z=1280474864

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 May 2023 04:28:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19773
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 fl Show response
www.group-ib.com/api/ 665 B
783 B 39ms
32ms XHR
application/json 3.72.181.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.group-ib.com/api/fl?u=69270af0-fe18-11ed-b99a-d752889094b4&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=H71xO9jf50wA97JDCWCYCewEsJm9X%2BfFGblKKjh1%2F1d60T95WLTnPZ4gJj74%2BZX92CW1xWYDAbwDBYFpMQTnnUGWWPNC0JFAbBLmMrerYchb7xIz5TQXUxJW3zgsQhSE%2BfQ%2B3WDE8m1QyIeZSjpYdyztLZh46S41xpp7
Requested by: Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: fb299708e3157c4cc7764768575a8d51a618362938e8c04eebdb3ffa7679c0d7

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: 9sqSV6M8MQF7jCJy9B7E/b1CjZpVVmbFCm7xhe1c0vFbiYQFz7g4k6zvkseHye+6y5IM+5ArVSUCprBfbx+GKiBDE2h6WID9jSyC9c/N5ZW+G8gIEbYw7Z7MY22sjvWpt/TfRTx1xa6LrVRkFHGJmLH8/w2p0OO5J5eiGmEgr6QMv5FcCpZJTDocRHYjV8UtZ4x+sh4FDFwAQkQTml96miZMgTD3dp6sGAsW6H2k66tjOXstfEcSTrzB3i6mXA==
Referer: https://www.group-ib.com/blog/api-security-best-practices/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24: vgPWf8d0f2a40816571899db791964fb971a5d36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
content-encoding: gzip
server: istio-envoy
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.group-ib.com
cache-control: no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 11ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=709834390277869&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&rl=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&if=false&ts=1685440686332&sw=1600&sh=1200&ud[external_id]=80f4e8e38c75ff3450789a2356a539b8&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1685440685539.820968305&it=1685440685367&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 30 May 2023 09:58:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 219ms
216ms Image
image/gif 2.16.187.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.155 -, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Sat, 18 Feb 2023 00:49:36 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "63f020a0-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
202 B 37ms
35ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1

Requested by

Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 65b8cf59-b9cb-47a4-97c4-7bd1ac3e6479
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: c0ca2819-fe17-41c2-9b9f-cfdb7c41c324
server: cloudflare
x-trace: 2B15B2CE24DF658734F1E12D7667045BB8040618FF000000000000000000
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-79bb87d888-p4pw9
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 7cf61de4c8949101-FRA

POST
H3 200 /
www.facebook.com/tr/ Frame E1AB 0
15 B 17ms
16ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.group-ib.com
Referer: https://www.group-ib.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.group-ib.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 30 May 2023 09:58:06 GMT
priority: u=0,i
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 281ms
281ms Image
image/gif 2.16.187.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.155 -, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:07 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 218ms
214ms Image
image/gif 2.16.187.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.155 -, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:08 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 img.gif
b.6sc.co/v1/beacon/ 43 B
493 B 280ms
280ms Image
image/gif 2.16.187.155

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.155 -, , ASN (),

Reverse DNS

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.group-ib.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Tue, 30 May 2023 09:58:09 GMT
x-content-type-options: nosniff
content-length: 43
pragma: no-cache
last-modified: Tue, 05 Oct 2021 22:17:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "615ccf10-2b"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 19 Apr 2000 11:43:00 GMT

GET img.gif
b.6sc.co/v1/beacon/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: b.6sc.co
URL: https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=d5bd26f1-24b6-4689-8a87-9a02b304d1f7&session=2886fa21-6782-4c67-8c1f-fd13a281b877&event=active_time_track&q=%7B%22currentTime%22%3A%22Tue%2C%2030%20May%202023%2009%3A58%3A10%20GMT%22%2C%22lastTrackTime%22%3A%22Tue%2C%2030%20May%202023%2009%3A58%3A09%20GMT%22%2C%22timeSpent%22%3A%221002%22%2C%22totalTimeSpent%22%3A%225023%22%7D&isIframe=false&m=%7B%22description%22%3A%22Security%20misconfiguration%2C%20excessive%20data%20exposure%2C%20and%20injections%20top%20three%20API%20vulnerability%20types%20for%20financial%20and%20tech%20firms.%22%2C%22keywords%22%3A%22%22%2C%22title%22%3A%22Bridging%20the%20gap%3A%20How%20to%20leverage%20API%20security%20best%20practices%20to%20combat%20top%203%20vulnerability%20types%20%7C%20Group-IB%20Blog%22%7D&cb=&r=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fblog%2Fapi-security-best-practices%2F&pageViewId=12b23399-0164-4a7e-8b39-24442bbc034a

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.group-ib.com/	1970-01-20 12:10:40	Name: gssc213174 Value:
.www.group-ib.com/	1970-01-20 20:56:16	Name: __zzatgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: MDA0dBA=Fz2+aQ==
.group-ib.com/	1970-01-20 20:56:16	Name: __zzatgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: MDA0dBA=Fz2+aQ==
.ws.zoominfo.com/	1970-01-20 20:56:16	Name: visitorId Value: 1e9d369e2dcc9acb850bfb0be6445f97a2f7587da2956b04059205e49208a611
.zoominfo.com/	1970-01-20 12:10:42	Name: __cf_bm Value: btChvGY7Wdw1dG4E2h3uyCiywLByYZAId0r3OiLutGI-1685440684-0-AfM+26CwKzTL3F6ISEi/K0SNJ19qC8ztrSx6Va1neemqLEu900YM46pzVqs9quRYeAO9UT/OxfL8kBphHfpDhs8=
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: hdwoaQEVbsp5DXph_LzXc8XqzgHhSFk5he7szID1qlA-1685440684752-0-604800000
.linkedin.com/	1970-01-20 12:12:07	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=3006:u=1:x=1:i=1685440684:t=1685527084:v=2:sig=AQGcQZPbr4-akpdyI1vnJM15Rlx9H63P"
.group-ib.com/	1970-01-20 12:12:07	Name: _gid Value: GA1.2.1552060836.1685440685
.group-ib.com/	1970-01-20 12:10:40	Name: _gat_gtag_UA_25492706_2 Value: 1
.linkedin.com/	1970-01-20 14:20:16	Name: li_sugr Value: d7bb074c-ee7b-45c1-bcf0-4dcc950b82db
.linkedin.com/	1970-01-20 12:53:52	Name: UserMatchHistory Value: AQJmNr18X6XalQAAAYhsF-QBKSZmqYRT6hmjsAHozJbO5vQG9Oh8UlecY8DfTmPkMPiGMNdu3W_NbQ
.linkedin.com/	1970-01-20 12:53:52	Name: AnalyticsSyncHistory Value: AQJRT6VDDflvsAAAAYhsF-QB3mx2eP4mk8UlMuAGVfpagh4gBF1uWLbzKo0VO5bTxBeTnVXmfK_wOwK-aZkEEw
.linkedin.com/	1970-01-20 20:56:16	Name: bcookie Value: "v=2&fbb705a4-16a1-42b0-8048-2aa1198ed0ba"
.group-ib.com/	1970-01-20 12:10:40	Name: _dc_gtm_UA-25492706-2 Value: 1
.group-ib.com/	1970-01-20 20:56:16	Name: _ym_uid Value: 1685440685847244095
.group-ib.com/	1970-01-20 20:56:16	Name: _ym_d Value: 1685440685
www.group-ib.com/	1970-01-20 21:46:40	Name: _gd_visitor Value: d5bd26f1-24b6-4689-8a87-9a02b304d1f7
www.group-ib.com/	1970-01-20 12:10:55	Name: _gd_session Value: 2886fa21-6782-4c67-8c1f-fd13a281b877
.mc.yandex.com/	1970-01-20 12:10:41	Name: sync_cookie_csrf Value: 4010672184fake
.group-ib.com/	1970-01-20 21:46:40	Name: _ga_QMES53K3Y2 Value: GS1.1.1685440685.1.0.1685440685.60.0.0
.group-ib.com/	1970-01-20 21:46:40	Name: _ga Value: GA1.1.485761417.1685440685
.www.linkedin.com/	1970-01-20 20:56:16	Name: bscookie Value: "v=1&2023053009580575ce14b5-fc3b-4016-8843-157d669252cbAQHD0M3r2ehYVsDpYZtPqkcFZxb37_n9"
.linkedin.com/	1970-01-20 16:29:52	Name: li_gc Value: MTswOzE2ODU0NDA2ODU7MjswMjF65115CCYnbfxpP5st+0Jde/lCAH1UK/lC1M/UOZxkUg==
.group-ib.com/	1970-01-20 12:11:52	Name: _ym_isad Value: 2
.t.co/	1970-01-20 21:46:40	Name: muc_ads Value: b9d6daa2-1109-4f02-b6e2-89f4105c4210
.group-ib.com/	1970-01-20 14:20:16	Name: _fbp Value: fb.1.1685440685539.820968305
.twitter.com/	1970-01-20 21:46:40	Name: personalization_id Value: "v1_DBUr8tmAV8X3dlCwBfRK8g=="
.group-ib.com/	1970-01-20 14:20:16	Name: _gcl_au Value: 1.1.1284728584.1685440686
.mc.yandex.ru/	1970-01-20 12:10:41	Name: sync_cookie_csrf Value: 235941128fake
.doubleclick.net/	1970-01-20 12:10:41	Name: test_cookie Value: CheckForPermission
.6sc.co/	1970-01-20 21:46:40	Name: 6suuid Value: 97bb1002e0b63000adc87564cb0200002dc32300
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 381809811685440685
.yandex.com/	1970-01-20 21:46:40	Name: i Value: 66YmVafCEdtFTsPynjPcocZZCda3v1iSVPX1Yd3NEXdF5Zg7+3SO6YcAb1+hjQ26hRtAz26vZ/lV8ucrAOCQbahq0+s=
.yandex.com/	1970-01-20 21:46:40	Name: yandexuid Value: 5278876661685440685
.yandex.com/	1970-01-20 20:56:16	Name: yuidss Value: 5278876661685440685
.yandex.com/	1970-01-20 20:56:16	Name: ymex Value: 1716976685.yc.1685440685#1716976685.yrts.1685440685#1716976685.yrtsi.1685440685
.yandex.com/	1970-01-20 20:56:16	Name: bh Value: KgI/MA==
.group-ib.com/	1970-01-20 16:29:52	Name: __hstc Value: 84897990.80f4e8e38c75ff3450789a2356a539b8.1685440686111.1685440686111.1685440686111.1
.group-ib.com/	1970-01-20 16:29:52	Name: hubspotutk Value: 80f4e8e38c75ff3450789a2356a539b8
.group-ib.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.group-ib.com/	1970-01-20 12:10:42	Name: __hssc Value: 84897990.1.1685440686111
.hubspot.com/	1970-01-20 12:10:42	Name: __cf_bm Value: SiBh39XQSjBdE2oS_6ujHYj57AVG6gBeEINC5nLxuLI-1685440686-0-AVjmPRCmUye+hZQSXnTxPrX3dIpRrQkbWP2D9408EhW/yLSvSSt6QGloggMmACyB2wv1Aa058ubOhaEwwdspb34=
www.group-ib.com/	1970-01-20 20:56:16	Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: zWAIUNLCZE9qMRrjeueFmVuigDO7QWTaDKj6DsxC2NW0m+Vn24JOqazV7AZzVdR2VoMVkoCC2uYef0WifWqsyWDQxV4MUvBSMWk3uF5ehQwBNq/pdzzt1f7JFXMYxK2vWGwtrDDgVv1PUsyNz5fOFKORRta8ceN40gzC
.www.group-ib.com/	1970-01-20 20:56:16	Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: zWAIUNLCZE9qMRrjeueFmVuigDO7QWTaDKj6DsxC2NW0m+Vn24JOqazV7AZzVdR2VoMVkoCC2uYef0WifWqsyWDQxV4MUvBSMWk3uF5ehQwBNq/pdzzt1f7JFXMYxK2vWGwtrDDgVv1PUsyNz5fOFKORRta8ceN40gzC
.group-ib.com/	1970-01-20 20:56:16	Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: zWAIUNLCZE9qMRrjeueFmVuigDO7QWTaDKj6DsxC2NW0m+Vn24JOqazV7AZzVdR2VoMVkoCC2uYef0WifWqsyWDQxV4MUvBSMWk3uF5ehQwBNq/pdzzt1f7JFXMYxK2vWGwtrDDgVv1PUsyNz5fOFKORRta8ceN40gzC
.www.group-ib.com/	1970-01-20 20:56:16	Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: pVmlh58/tCGOYAYXvk+ulNt6J2+CuFMsVGO0l/X9kzdsFi/UQ1dlGJvQzHnFpIquUIXxqu/uDW2NTAidTuCo4N8SGG2BHdYtnLh+EfIqZH0VAf3bBAv2QpQ/ewcTnU7HUZMNsxKRCIByFQXOtVlFQhVxUHgEsMYZt5Sk9EcJGHkgae6wVOY4mdZmZOFbKrLwe8Zla0acnxwchIPgSza3kjnm1/LrgH56Pxkm5HhdSYJcgY5CwLQoVRl5j985cQ==
.group-ib.com/	1970-01-20 20:56:16	Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: pVmlh58/tCGOYAYXvk+ulNt6J2+CuFMsVGO0l/X9kzdsFi/UQ1dlGJvQzHnFpIquUIXxqu/uDW2NTAidTuCo4N8SGG2BHdYtnLh+EfIqZH0VAf3bBAv2QpQ/ewcTnU7HUZMNsxKRCIByFQXOtVlFQhVxUHgEsMYZt5Sk9EcJGHkgae6wVOY4mdZmZOFbKrLwe8Zla0acnxwchIPgSza3kjnm1/LrgH56Pxkm5HhdSYJcgY5CwLQoVRl5j985cQ==
.www.group-ib.com/	1970-01-20 20:56:16	Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: 7GOC93678068b12019cf2772efe9b2c5b0b14b7c
.group-ib.com/	1970-01-20 20:56:16	Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24 Value: 7GOC93678068b12019cf2772efe9b2c5b0b14b7c

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.group-ib.com/blog/api-security-best-practices/ Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api-eu1.hubapi.com
api.neverbounce.com
b.6sc.co
c.6sc.co
cdn.neverbounce.com
connect.facebook.net
fhp-aws-antibot-back.group-ib.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
forms.hsforms.com
googleads.g.doubleclick.net
ipv6.6sc.co
j.6sc.co
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
js-eu1.hsforms.net
mc.yandex.com
mc.yandex.ru
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
track-eu1.hubspot.com
website.cdn.group-ib.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.group-ib.com
www.linkedin.com
b.6sc.co
104.244.42.131
104.244.42.5
107.21.40.231
13.107.42.14
13.225.78.65
146.75.120.157
172.65.192.122
172.65.202.201
172.65.208.22
172.65.219.229
172.65.232.43
172.65.238.60
172.65.240.166
172.65.255.172
2.16.187.155
2001:4860:4802:32::36
2600:9000:225b:1800:9:7af6:1700:93a1
2606:4700::6810:a852
2606:4700::6811:d5f3
2620:1ec:21::14
2a00:1450:4001:808::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c0d::9b
2a02:26f0:480:23::1726:62a7
2a02:6b8::1:119
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3200::90:0
3.72.181.255
3.72.191.153
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
092345c20e95a1a5aa797aa64efdcad7f15737c4c360d09d44c7411329dec089
1196f279a6c7440fd6e93fe91c0756ddadf1b5766e02a292da96404e2e6c3ff9
12475fdd5d48640d7ad60670a2342f02cf560b8cd977cf8e7e624e6a22576f82
12d3f6c46cfa13bd4236130c8388e8722111e88cfc3a53b22f6dd6b499db3633
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
15534f98c260c3c3caaedf53335d912010b2de1731477a9fd4dbea89fb4995d9
185a823544af79a6a21e702268c4b09c171b2fc6670653dffac2fcb96e7aa396
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367
1e0e607b314623cf3e5ba71869ca47d1549556369988daa5e8a1bf56559c2973
1e1aef19c5615e1e174346af6d5c1e86065b123d8931b9ae559e8900c38734c1
1e1bce508370a6994bd3e0e67c257f06875e16ca2038c27f498616a0f0d55687
1efe16c9efbadde5e242d88a315eca3906a55669fcd4882a904fbc723306a4e4
294fdc878aa8c42b19edc18d385880ad886397846aca640c305f3eb53a965e13
2be8ce2b065360537771ed230d5d72cbd84758ec127ffa035e6d260ed14af5b0
31d1c5bd0cd38e6e6b8eb944944df273044e826c7d3daacbe602caead3068c7a
3689e488f5478e26f0347353ad608ccd66e4d62992021c51d9db93f89d43c880
38b5c33193edba07b1e5a7c080034199c2f58ea32f9d880787c51c687d6bd304
3b63b449bde0f2c40eb23801ac24bd82666bd3a766c77b953ff75e6f3e257460
3c573b359c9b46db1e7a595e6fe07a09f5050e71cc12368c050cfca225dc3c2a
43f22362329b9705cf8629061fb5b1d1a38f1cc2bc9fd46728f73e5cd9eb77cf
45f4735fee499346d3bf9d23dfaa3025aaba8db1819516871aab49867b6e32d6
483ec486a8c947a82da6462397dbe386bebab6b2921f517c35e2b9cb53498c89
49d4fa2983f6350de2f63d55cc153050def7d66f9a92a61bccbe0de881512003
4aebf09e541acbdec678608c672bc670484930f2a4aba43dc3bea8ab323a76bb
4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7
4cba6543c7061f9dc95e6f9b1e2eb96cdbb555cfbf059de21bf9dc463afe234f
520bbd5b67e96f1b1aeb551a189dd2c680502b5383a3d4cbb4958b405e8551df
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
574ab1a3d7b47add5d43a927f62c87698264f63572acd70b42081dd4a1dc5ced
589c9a6a159cf2ecc8555bc4457827f21002eaec9a24e3bc54401ed0b4d30ac8
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5f4ad169d92e6672202eb340ddc857e11802d10ba2722b80ebe1b5d31371c2ab
6068122af5aaf3871c283132bb19ddafc391f4cb78126882ca18a7c5f4c03611
641a4b99adf6ec3e67a303f16f4fe9b2caac7cc87bbe539e09d630be29214ffe
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0775723ccade5ca3170fcc6a321c5b4768a5dc2b7c83b8b8b595407a2f0018
6b582fc82cbb62bd258392616702d7e7aa1d4a4a1c4cb23bfec2bc528c8b4a72
6cee0fb06339ba13e1f15d044e0e4904bbeeb7fbe4351e3f102b6d80b2465061
6e8e462ee6646b1101c16693d8becdfe06c50c68f5d22350e211e157067c11da
6ef1f43c331150d23e01b41927542d8dc5e0d363422a2909e5343bcd6f2082e9
720f8d59a77a6a287fbb620d483e91f1e3000e83a4377c3f853726fa7a75b47a
723de2ff7ec62357a8866addfd0a81a94edc5e06cee2ea2cb3c6a6950b1ce7d1
7574ba97d4ee7e81bd60873a52a31ff13359f246d0ac492ef2dabf96233a99e6
7742816e25adf971d4d8d64684af3a887faf2950d768debeff5d602153c80912
7b505661e730cee3a577f971defb04a68e5882846ca94bca825f3c7c210849e2
808606f159b3d4b670c89affc995cc23342154d4350dfb2cf1014952cdee7662
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f071f21280a5e64742fcf0f1d633d36470488059ede6ffc4174fb74ff71281
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87529cdcb37996a86356548eea055805fdfeb0865278efb9f2f3614ebc882e29
884314ddd17691acdb5c52114ecfd76e4d0894abf7270f1be03683d805c4d168
8963e927914bfbfe29e6f6b59578b01a28b8a91ef74c138f66927408fa67820b
8d15a221986226efe4f742f390f46f9d5ae8b2008a6edd40e10ff121ef9cca9b
9349b5f4fe9aed919fc635af8fef55eb49baaa591f5686edd82f993fb0484167
942e02acf640c0308f65e057a8afaed63dfaf995034cda9cfc75532a1009ec72
997d49d316b533985208f14602a1ff15a76bf6a567afbb6b6980629ca8d78bab
a300a894e169169882504968fae71958a87e0a4322e2aee1b6b0bbd63fd9621f
ac57c7130d61697977d2ed1796c27eefed8249083472716e474e5604b20636aa
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae9dad69229703dfa3b6d226c4c7d692e2f2809bf2475f22612824c2f7602efc
b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe
b750d3ae64e7f11817434daaa6d4688dd028b01d7b3565f35a79db71fd2fbe57
b876892af49a0987d964b76a6e6317d79c00ba6471902985fb3db020b93e3e52
bb17e3665ddcbbc687deb5cc1d91294ea5eccbb1dc8c429868e8980826a7ed23
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c33709a20ca4cd516d65b07a79c1d75445892fcb6d8c6f3871a47ab38d85e075
c40778be7e878f6e71da2853df07c82f1bcbf205300dbcb2a818b77566d3f869
c5100cd90a95aa459fe237adc409043e20f8fd06caa5cd3b74d66f79387ae0fb
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e
cc5dcea4d483d798630d7fe0846a1b784618aa3d4f86bdfa655083d81750322a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cdc00b662dca5366eb3a59484a640ae532619e00126e537bd29f7e86f400be01
cdc4d10b6b74ad79b55333b9882e854f054ee8b9953c6203dc46c68dc74eb0fb
ce617f3004d6588dfcee166d50f43c41a8f8732205b2d8e9ddf55e9851177d12
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d1a8452daeb01fc562d4710059386b2073d549de6b356a957063a2e8198d0e96
d26d890ca5e32d97c4e51c70567c618bf315e27d2ec2850052169bfd14007c16
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dedf6c9294a8b9e4b13b1575641071e45c8e61235bd154d19103fd2893ccd708
dfb059f8aa219769088fd6c85d85aae789f1e72bfe3d314748f1f3ccfffffb1c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e91c5731358570d3e4cd684118251d243fc799059648b152403dcd775ceba632
e96c06c45385abd38f348861a2c08f10ea357237609e0df2f05a3e03486d95d7
eb386f9476888fca943822629cb75b5d1addf3f2a2ff6ef8cc3b5647f6c18a91
ed70c2cf61d0f24d03299ffc5896c7abd86bb858501987dc10e3afec086c01df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f006e8bbfa4f0537780571436b5bed50ff10ff28759924c53b67732ec5af28ba
f0e3a799744c0c67782742af2c13b85f769b58abd04800a04853d26f60cf7314
f242ac36450a10fbf5934d1d554fc8d6d1796f1832b3c40915d41b65fab5846c
f367bbc4429fc9fb0a93045245aef519a000ab275549645cddecb3f953e0a05f
f4991587d5312981e74087707ed399bd3820d83f773e7773c013ce00d6835f28
f6d8b2d60702ecc04d9622f888d014a3efc6742c7c109dcbff7efe0c2a9a01b6
fa4859289ded4c674dcee233811758743116b1d7ce4e9f0c0e7e259391504c43
fb299708e3157c4cc7764768575a8d51a618362938e8c04eebdb3ffa7679c0d7
fc50d7c745b4b7ad268ab0c4a71b545dab230889a7f171a29e4a6534041f65bc
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

www.group-ib.com Open in urlscan Pro 3.72.181.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

135 Requests

96 %HTTPS

48 %IPv6

26 Domains

38 Subdomains

33 IPs

2 Countries

2290 kBTransfer

5711 kBSize

49 Cookies

25 Outgoing links

Page URL History

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.group-ib.com Open in urlscan Pro
3.72.181.255 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

96 %
HTTPS

48 %
IPv6

26
Domains

38
Subdomains

33
IPs

2
Countries

2290 kB
Transfer

5711 kB
Size

49
Cookies

135 HTTP transactions
7 data transactions