urlscan.io logo urlscan.io
SecurityTrails logo

www.group-ib.com Open in urlscan Pro
3.72.181.255  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://group-ib.com/cert.html
Effective URL: https://www.group-ib.com/cert.html
Submission: On July 12 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 25 IPs in 5 countries across 17 domains to perform 86 HTTP transactions. The main IP is 3.72.181.255, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.group-ib.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 26th 2023. Valid for: a year.
This is the only time www.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 37 3.72.181.255 16509 (AMAZON-02)
2 3.64.98.252 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.65.255.172 13335 (CLOUDFLAR...)
2 172.65.232.43 13335 (CLOUDFLAR...)
1 2a03:2880:f08... 32934 (FACEBOOK)
1 104.16.95.80 13335 (CLOUDFLAR...)
1 185.17.9.185 49505 (SELECTEL)
2 4 2a00:1450:400... 15169 (GOOGLE)
9 95.101.111.184 20940 (AKAMAI-ASN1)
2 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 13.225.78.65 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 142.250.185.226 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
1 34.202.212.115 14618 (AMAZON-AES)
2 4 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:230... 16509 (AMAZON-02)
4 4 2620:1ec:21::14 8068 (MICROSOFT...)
1 13.107.42.14 ()
86 25
37    3.72.181.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
group-ib.com
www.group-ib.com
2    3.64.98.252 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-98-252.eu-central-1.compute.amazonaws.com
fhp-aws-antibot-back.group-ib.com
5    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    172.65.255.172 (United States)

ASN13335 (CLOUDFLARENET, US)
js-eu1.hsforms.net
2    172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)
forms-eu1.hsforms.com
1    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    104.16.95.80 (None, )

ASN13335 (CLOUDFLARENET, US)
app-lon09.marketo.com
1    185.17.9.185 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
ru.id.group-ib.com
4    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    95.101.111.184 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-184.deploy.static.akamaitechnologies.com
j.6sc.co
c.6sc.co
b.6sc.co
2    2a02:26f0:3100::1735:28f0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    13.225.78.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-65.fra2.r.cloudfront.net
cdn.neverbounce.com
1    2606:4700::6810:650c (United States)

ASN13335 (CLOUDFLARENET, US)
ws.zoominfo.com
1    2606:4700::6811:d4f3 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a02:26f0:7100::210:172 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ipv6.6sc.co
1    34.202.212.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-212-115.compute-1.amazonaws.com
api.neverbounce.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2600:9000:2304:fe00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.linkedin.oribi.io
4    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (None, )

ASN- ()
px4.ads.linkedin.com
Apex Domain
Subdomains		 Transfer
40 group-ib.com
group-ib.com — Cisco Umbrella Rank: 74049
fhp-aws-antibot-back.group-ib.com
www.group-ib.com
ru.id.group-ib.com — Cisco Umbrella Rank: 123589
9 MB
10 6sc.co
j.6sc.co — Cisco Umbrella Rank: 6369
c.6sc.co — Cisco Umbrella Rank: 9185
ipv6.6sc.co — Cisco Umbrella Rank: 6440
b.6sc.co — Cisco Umbrella Rank: 4176
15 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
www.linkedin.com
px4.ads.linkedin.com
5 KB
5 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031
2 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 4752
886 B
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2556
www.google.com — Cisco Umbrella Rank: 10
2 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
5 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
366 KB
3 hsforms.com
forms-eu1.hsforms.com — Cisco Umbrella Rank: 32222
forms.hsforms.com — Cisco Umbrella Rank: 4527
5 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 169
4 KB
2 neverbounce.com
cdn.neverbounce.com — Cisco Umbrella Rank: 74198
api.neverbounce.com — Cisco Umbrella Rank: 49598
29 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 914
6 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
1 KB
1 zoominfo.com
ws.zoominfo.com — Cisco Umbrella Rank: 4985
2 KB
1 marketo.com
app-lon09.marketo.com — Cisco Umbrella Rank: 641692
69 KB
1 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
86 KB
1 hsforms.net
js-eu1.hsforms.net — Cisco Umbrella Rank: 72123
165 KB
86 17
Domain Requested by
31 www.group-ib.com group-ib.com
www.group-ib.com
fhp-aws-antibot-back.group-ib.com
7 b.6sc.co www.group-ib.com
6 group-ib.com 2 redirects fhp-aws-antibot-back.group-ib.com
5 cdn.linkedin.oribi.io fhp-aws-antibot-back.group-ib.com
5 www.google.de www.group-ib.com
5 www.googletagmanager.com www.group-ib.com
www.googletagmanager.com
4 www.google.com 2 redirects www.group-ib.com
4 googleads.g.doubleclick.net 2 redirects www.googletagmanager.com
3 px.ads.linkedin.com 3 redirects
2 www.googleadservices.com www.googletagmanager.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 forms-eu1.hsforms.com fhp-aws-antibot-back.group-ib.com
www.group-ib.com
2 fonts.googleapis.com www.group-ib.com
2 fhp-aws-antibot-back.group-ib.com group-ib.com
www.group-ib.com
1 px4.ads.linkedin.com www.group-ib.com
1 www.linkedin.com 1 redirects
1 api.neverbounce.com cdn.neverbounce.com
1 ipv6.6sc.co fhp-aws-antibot-back.group-ib.com
1 c.6sc.co fhp-aws-antibot-back.group-ib.com
1 stats.g.doubleclick.net fhp-aws-antibot-back.group-ib.com
1 region1.analytics.google.com fhp-aws-antibot-back.group-ib.com
1 forms.hsforms.com www.group-ib.com
1 ws.zoominfo.com group-ib.com
1 cdn.neverbounce.com www.googletagmanager.com
1 j.6sc.co group-ib.com
1 ru.id.group-ib.com www.group-ib.com
1 app-lon09.marketo.com www.group-ib.com
1 connect.facebook.net www.group-ib.com
1 js-eu1.hsforms.net www.group-ib.com
86 29
Subject Issuer Validity Valid
www.group-ib.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-26 -
2024-06-28		 a year crt.sh
*.group-ib.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-30 -
2024-07-04		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-16 -
2024-05-15		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-20 -
2023-07-19		 3 months crt.sh
app-lon09.marketo.com
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
*.id.group-ib.com
R3		 2023-05-27 -
2023-08-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
6sc.co
R3		 2023-05-25 -
2023-08-23		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
neverbounce.com
Amazon RSA 2048 M02		 2023-02-13 -
2024-03-12		 a year crt.sh
zoominfo.com
Cloudflare Inc ECC CA-3		 2023-04-04 -
2024-04-03		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh

This page contains 2 frames:

Primary Page: https://www.group-ib.com/cert.html
Frame ID: 0458527D8AB423BF63BD31599D095B7D
Requests: 99 HTTP requests in this frame

Frame: https://ru.id.group-ib.com/id.html
Frame ID: 7F9AA162D47A19F6EFD8851035832B91
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Response to information security incidents - CERT-GIB

Page URL History Show full URLs

  1. http://group-ib.com/cert.html HTTP 301
    https://group-ib.com/cert.html Page URL
  2. https://group-ib.com/cert.html HTTP 301
    https://www.group-ib.com/cert.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

86
Requests

95 %
HTTPS

56 %
IPv6

17
Domains

29
Subdomains

25
IPs

5
Countries

10323 kB
Transfer

12269 kB
Size

33
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://group-ib.com/cert.html HTTP 301
    https://group-ib.com/cert.html Page URL
  2. https://group-ib.com/cert.html HTTP 301
    https://www.group-ib.com/cert.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://group-ib.com/cert.html HTTP 301
  • https://group-ib.com/cert.html
Request Chain 85
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4496601%26time%3D1689157986790%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fcert.html%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJHNVZFs_IluwAAAYlJqW31NNO59pyi_-RXxwOpXk2GPstlmLKNg_GPwxEkIyiHvK_qL-9PYiHY9FU5UFOolfwlEKxD5g
Request Chain 86
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863262324/?random=1872657583&cv=11&fst=1689157986552&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YoGuZMrkJqWL-cAPwqeU6AQ&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjVtdVBUMkxoaHdjMlRyYUlodEl5amNXcnBzcjZKVl92bDh4TWtmZVBXMEN3ZUJKVEY5bVN6M2MiEwjKnY3u-4iAAxWlRR4CHcITBU0 HTTP 302
  • https://www.google.com/pagead/1p-conversion/863262324/?random=1872657583&cv=11&fst=1689157986552&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjVtdVBUMkxoaHdjMlRyYUlodEl5amNXcnBzcjZKVl92bDh4TWtmZVBXMEN3ZUJKVEY5bVN6M2MiEwjKnY3u-4iAAxWlRR4CHcITBU0&is_vtc=1&ocp_id=YoGuZMrkJqWL-cAPwqeU6AQ&cid=CAQSKQBpAlJWCXsEDXt3KRt8ZRMGfd9sSfSKclZWl3BQnDHskLhpIgbxu2rh&random=3574792377 HTTP 302
  • https://www.google.de/pagead/1p-conversion/863262324/?random=1872657583&cv=11&fst=1689157986552&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjVtdVBUMkxoaHdjMlRyYUlodEl5amNXcnBzcjZKVl92bDh4TWtmZVBXMEN3ZUJKVEY5bVN6M2MiEwjKnY3u-4iAAxWlRR4CHcITBU0&is_vtc=1&ocp_id=YoGuZMrkJqWL-cAPwqeU6AQ&cid=CAQSKQBpAlJWCXsEDXt3KRt8ZRMGfd9sSfSKclZWl3BQnDHskLhpIgbxu2rh&random=3574792377&ipr=y
Request Chain 89
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10865976765/?random=1327860346&cv=11&fst=1689157986715&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=YoGuZJjaLcaJiQavzIm4AQ&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjBvU01RTWFfVzQyY1Yxc3pXUWNENTJ6cHhWMEg2SFBScWZScVROdzIzUFhhTU9hazcxeDYwcmQiEwiYk5Tu-4iAAxXGRMIKHS9mAhc HTTP 302
  • https://www.google.com/pagead/1p-conversion/10865976765/?random=1327860346&cv=11&fst=1689157986715&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjBvU01RTWFfVzQyY1Yxc3pXUWNENTJ6cHhWMEg2SFBScWZScVROdzIzUFhhTU9hazcxeDYwcmQiEwiYk5Tu-4iAAxXGRMIKHS9mAhc&is_vtc=1&ocp_id=YoGuZJjaLcaJiQavzIm4AQ&cid=CAQSKQBpAlJW7FqVwFutoUBOww0cu2Ie2f37XcjsmLnGhcbwd2xEaFkr6SUJ&random=2733390270 HTTP 302
  • https://www.google.de/pagead/1p-conversion/10865976765/?random=1327860346&cv=11&fst=1689157986715&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjBvU01RTWFfVzQyY1Yxc3pXUWNENTJ6cHhWMEg2SFBScWZScVROdzIzUFhhTU9hazcxeDYwcmQiEwiYk5Tu-4iAAxXGRMIKHS9mAhc&is_vtc=1&ocp_id=YoGuZJjaLcaJiQavzIm4AQ&cid=CAQSKQBpAlJW7FqVwFutoUBOww0cu2Ie2f37XcjsmLnGhcbwd2xEaFkr6SUJ&random=2733390270&ipr=y

86 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
cert.html
group-ib.com/
Redirect Chain
  • http://group-ib.com/cert.html
  • https://group-ib.com/cert.html
7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
dfef3b3b725657391e24cf6811a83b43162d15068bc0ce8544e88f06512b9450

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-type
text/html
date
Wed, 12 Jul 2023 10:33:03 GMT

Redirect headers

Content-Length
66
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Jul 2023 10:33:03 GMT
Location
https://group-ib.com:/cert.html
bt-autoinject.js
fhp-aws-antibot-back.group-ib.com/d/ 		346 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Requested by
Host: group-ib.com
URL: https://group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.98.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-98-252.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
094b8f36032e6b6df897c9fc0fcc123be179fede9324a189bc1e53186f2d9b63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:03 GMT
content-encoding
gzip
x-envoy-upstream-service-time
1
server
istio-envoy
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a6e794d91aceda4c875927fd8aedd9e34a9643b18f1d9893aeeecdc9e61b5cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7df6b8c5291f0867dc7090d3db39ada9db8d4b8727d0bc7db05f26e4c700ed6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
group-ib.com/api/fl/ 		205 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
dad70b7676cc28cac775ec7c5063ab0f81fe7f63bd6ff2ecb708cd4508675ad3

Request headers

Referer
https://group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
x-cfids
-

Response headers

date
Wed, 12 Jul 2023 10:33:04 GMT
content-encoding
gzip
server
istio-envoy
etag
W/"Uzlx87beQ5So45N2/FgUDfjPXlhiYAIkIt2H4UCQx2McMBWSmGxFYWhyUwcr0ItXf5lPF3iZqAaTcjKchAgGf1RiGBvRKTaR1Zy2RoscWVSWvau2VaWoerF9pwMs+bFKzlWnX2xAIm4Nbqj88iyGsiwp"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
x-envoy-upstream-service-time
2
fl
group-ib.com/api/ 		665 B
830 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://group-ib.com/api/fl?u=f7a980b0-1ffa-11ee-9d24-2b6b54174851&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=Uzlx87beQ5So45N2%2FFgUDfjPXlhiYAIkIt2H4UCQx2McMBWSmGxFYWhyUwcr0ItXf5lPF3iZqAaTcjKchAgGf1RiGBvRKTaR1Zy2RoscWVSWvau2VaWoerF9pwMs%2BbFKzlWnX2xAIm4Nbqj88iyGsiwp
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jul 2023 10:33:05 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
fl
group-ib.com/api/ 		665 B
702 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://group-ib.com/api/fl?u=f7a980b0-1ffa-11ee-9d24-2b6b54174851&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=LJbX%2B8nUqu2rRRAzIzgqBfb4r7%2F7fAVGUK0sVaJAIMPkcRJF0yr8Cby7gbL%2F%2F6XIMMNkYrQvaYhPb0S482TkzzayhxYc5uxvQ%2F7wxuDvDex%2BWoPpF15dFISVoZOdnQ0ADpdLb8II4tJQhv6n%2FTYUiIaum2PeFyx5VCIF
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash

Request headers

Referer
https://group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jul 2023 10:33:05 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
Primary Request cert.html
www.group-ib.com/
Redirect Chain
  • https://group-ib.com/cert.html
  • https://www.group-ib.com/cert.html
45 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/cert.html
Requested by
Host: group-ib.com
URL: https://group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0fad7c265494ea50c0917b6e30e8b40c9001d3b94bfa3fa5d476cf0f39dde120
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/ frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/ ALLOW-FROM https://groupib.pathfactory.com/ SAMEORIGIN sameorigin
X-Xss-Protection 1; mode=block 1; mode=block

Request headers

Referer
https://group-ib.com/cert.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
https://www.group-ib.com
cache-control
private, max-age=3600
content-encoding
gzip
content-length
10781
content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/ frame-ancestors 'self';
content-type
text/html; charset=UTF-8
date
Wed, 12 Jul 2023 10:33:05 GMT
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(), accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
referrer-policy
no-referrer strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/ ALLOW-FROM https://groupib.pathfactory.com/ SAMEORIGIN sameorigin
x-xss-protection
1; mode=block 1; mode=block

Redirect headers

access-control-allow-origin
https://www.group-ib.com
cache-control
private, max-age=3600
content-length
402
content-security-policy
frame-ancestors 'self';
content-type
text/html
date
Wed, 12 Jul 2023 10:33:05 GMT
location
https://www.group-ib.com/cert.html
permissions-policy
accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
referrer-policy
strict-origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
sameorigin
x-xss-protection
1; mode=block
bt-autoinject.js
fhp-aws-antibot-back.group-ib.com/d/ 		346 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.64.98.252 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-98-252.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
094b8f36032e6b6df897c9fc0fcc123be179fede9324a189bc1e53186f2d9b63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:05 GMT
content-encoding
gzip
x-envoy-upstream-service-time
1
server
istio-envoy
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
hubspot-form-0d3ea2cd.css
www.group-ib.com/hubspot-form/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/hubspot-form/hubspot-form-0d3ea2cd.css
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
66d609b0c975493c48e785524fbb6cfa5d28ea59d8d7e5e12bd4a8c5b8556f67
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
3831
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Sun, 22 May 2022 18:42:44 GMT
server
nginx
etag
"628a8424-ef7"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
text/css
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
main_26755_2be51925_563_1764.js
www.group-ib.com/build/ 		297 KB
298 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/build/main_26755_2be51925_563_1764.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
844bb56d9d924583139e6f89aa998b215f3a7516cafc5e448c64e8cde29361e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-length
304595
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 25 May 2022 09:25:21 GMT
server
nginx
etag
"628df601-4a5d3"
vary
Accept-Encoding, Accept-Encoding
x-frame-options
sameorigin
content-type
application/javascript
access-control-allow-origin
https://www.group-ib.com
cache-control
private, max-age=3600
permissions-policy
accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		181 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-392399615
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5c82d07f8585f9fb204c3e7ad772d144ee04022adcaab154b1c7b535a4803bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67962
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jul 2023 10:33:05 GMT
css2
fonts.googleapis.com/ 		2 KB
903 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
492584db86b05db92e84082fb80ac2d2944bc4c7c8d9ef82cdf8c880b7cee02d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jul 2023 10:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 09:42:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jul 2023 10:33:05 GMT
css2
fonts.googleapis.com/ 		1 KB
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Prata&display=swap
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b6dae59b1696ffa3e74d2a5ea01c460be556d5a8cbb399c73cbcd765b812d251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jul 2023 10:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 10:31:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jul 2023 10:33:05 GMT
types-new-38330f89.css
www.group-ib.com/stylesheets/ 		462 KB
462 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/stylesheets/types-new-38330f89.css
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c678f7ebeaf42ae73a6b84255ed78e47baa5f2fa1718892dd24d5064bfe67117
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
472773
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Thu, 06 May 2021 06:58:10 GMT
server
nginx
etag
"60939382-736c5"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
text/css
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
all-508e897e.css
www.group-ib.com/stylesheets/ 		1 MB
1 MB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/stylesheets/all-508e897e.css
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cbd38f4d44ad316257c6d3179f980798a97688e6ff1df6d94f66cad4b46945a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
1516216
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Mon, 17 Oct 2022 07:53:19 GMT
server
nginx
etag
"634d09ef-1722b8"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
text/css
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
jquery-96f076a3.js
www.group-ib.com/javascripts/ 		85 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/javascripts/jquery-96f076a3.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
87307
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Thu, 18 Mar 2021 09:02:08 GMT
server
nginx
etag
"60531710-1550b"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
application/javascript
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
all-2bd8fcd3.js
www.group-ib.com/javascripts/ 		199 KB
199 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/javascripts/all-2bd8fcd3.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3cbdeb53c566f58fa2298177c12defc90c733843c50e2fd4147d9597d33a1e34
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
203894
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 04 Aug 2021 14:28:19 GMT
server
nginx
etag
"610aa403-31c76"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
application/javascript
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
first@2x.png
www.group-ib.com/images/cert-partners/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/cert-partners/first@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0430dd3b974561238dac03eb963a67da014965080c3d2de38d5b7aa318f3053e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
5432
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-1538"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
ti@2x.png
www.group-ib.com/images/cert-partners/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/cert-partners/ti@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cba8dab9146aa4c7695c71ec3c6dd57b5e7c3c26cf53709866aa9ca7da1de491
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
5019
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-139b"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
impact@2x.png
www.group-ib.com/images/cert-partners/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/cert-partners/impact@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3dd4b088ab105f30c06ccea664b41ad4d8308bca0d79497bfd795113e7d616c6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
3867
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-f1b"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
oic@2x.png
www.group-ib.com/images/cert-partners/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/cert-partners/oic@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
7b12bc0e3c26c7489b7b00b5eac170133e840e004baac496b88c23db28353ad4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
12648
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-3168"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
azb-w@2x.png
www.group-ib.com/images/cert-partners/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/cert-partners/azb-w@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
206d8cf5d1a0149c666651755b0f7b0b62a50882d61a5d18eaddc7317bb92a53
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:05 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
18668
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-48ec"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:05 GMT
onc@2x.png
www.group-ib.com/images/cert-partners/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/cert-partners/onc@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e879f79cf3432a5c0e30fe7ff7bbbccf97fb8adf675ea88a3349f22936b73a9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
40133
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-9cc5"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:06 GMT
apwg@2x.png
www.group-ib.com/images/cert-partners/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/cert-partners/apwg@2x.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
141397708f146e91f2a8137f1897e36d558af1c3c2e552c6aeda5f5d0a7448b0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
11163
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-2b9b"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:06 GMT
award-2021_gold.png
www.group-ib.com/images/certificates/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/certificates/award-2021_gold.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
74a02ff107402492b9e19e4c7c550a9db662bfcb3a8bebc372d4ac8fb0a90fff
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
10858
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 12 May 2021 18:13:10 GMT
server
nginx
etag
"609c1ab6-2a6a"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:06 GMT
v2.js
js-eu1.hsforms.net/forms/ 		527 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-eu1.hsforms.net/forms/v2.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.255.172 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-encoding
br
age
246
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3372/bundles/project-v2.js&cfRay=7e589a3e34933a60-FRA
x-amz-replication-status
COMPLETED
x-evy-trace-listener
listener_https
etag
W/"df557d754a89ef0210bd93ff6301921d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
cache-control
s-maxage=600, max-age=300
x-hs-target-asset
forms-embed/static-1.3372/bundles/project-v2.js
date
Wed, 12 Jul 2023 10:33:05 GMT
x-amz-version-id
r0RDqVAx5nyXFjVas4brXORZ1.2QDi7x
via
1.1 50c53efe331c3da25a4faf191817af8c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
FRA56-P2
x-hubspot-correlation-id
8c6efa77-f8f9-4c22-9a89-632e14556ff2
x-cache
Hit from cloudfront
cache-tag
staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-request-id
8c6efa77-f8f9-4c22-9a89-632e14556ff2
last-modified
Tue, 27 Jun 2023 09:59:09 UTC
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVha8aqnPAxrlkNvSXIrOdvMOBu%2FUCcfrolTOA6MljfWtcm3sXbR4c0gOsbUuNlmczxX50TxcQChVWOI3NIKCXCVo95tR%2BvrVkekpGb5Y6N%2B4W4QFUw3QOUsjCpeWlTINjj3hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status
HIT
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-5b45bc9bc5-p7df5
cf-ray
7e58a0434dbb3838-FRA
x-amz-cf-id
tZnbABqtAtQgufvHZHSct9DK-DH8q4rPWpH0jQwZ1Uh0tOyJvIPoGg==
truncated
/ 		484 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f3663a053e8d7539e71ac628811d68f69d5dac8449b5546ab5ac13c2f609e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c873ebdfd85a5d07ebc31bb4070de59747bb8199a39fa74c5c24a9fdcb998a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
www.group-ib.com/api/fl/ 		217 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
d3b6086fc1ebac05142d14fbf04500c346db14ec84fa2d244ca7265e55df0625

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
3bHUb0b3d3f683dc027be1d420a98afe9e35bb2b
x-cfids
LJbX+8nUqu2rRRAzIzgqBfb4r7/7fAVGUK0sVaJAIMPkcRJF0yr8Cby7gbL//6XIMMNkYrQvaYhPb0S482TkzzayhxYc5uxvQ/7wxuDvDex+WoPpF15dFISVoZOdnQ0ADpdLb8II4tJQhv6n/TYUiIaum2PeFyx5VCIF

Response headers

date
Wed, 12 Jul 2023 10:33:05 GMT
content-encoding
gzip
server
istio-envoy
etag
W/"1nIx33nvZQyqkwXDjgZ7DFSNM81W8WIykVK8AEAqOEwEDsLL50vYaVK9AcEL7D4C5UwshRb/eS2C3ba6Dt9LVa2GacnCAjyj+ORFLz75Jib20F07Q3EEKNqC/AtVl7AgbYOien73iREli5XTH2lQFbqgOhO28FYwRyV8"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
x-envoy-upstream-service-time
1
gtm.js
www.googletagmanager.com/ 		254 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ba0fdd1f4249082a8547ab87976249ef74e8f587919cea3a64ee76a60802461
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84171
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 09:46:50 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jul 2023 10:33:05 GMT
sdk.js
www.group-ib.com/javascripts/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/javascripts/sdk.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8032f11ad394a57147c4ddfcd40dc7a1c069a7cba58522352fdb8bd8a3fb60c7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
3093
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Tue, 11 Jul 2023 22:10:01 GMT
server
nginx
etag
"64add339-c15"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
application/javascript
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:06 GMT
icons.svg
www.group-ib.com/images/ 		440 KB
440 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/images/icons.svg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a138c249b501af8ef53ac907a5cc8f9ba7a7a75b35d7c4cd4951eda4c4aa6e54
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
450279
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 07 Jun 2023 07:30:30 GMT
server
nginx
etag
"64803216-6dee7"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/svg+xml
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:06 GMT
truncated
/ 		121 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
logo-new.svg
www.group-ib.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/logo-new.svg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/stylesheets/all-508e897e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
74711bb799e7d4712bcdc9fdf42f5acb835448d1ec23936a1d46a087e192e378
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/stylesheets/all-508e897e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
2432
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Thu, 02 Dec 2021 07:15:15 GMT
server
nginx
etag
"61a87283-980"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/svg+xml
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:06 GMT
main-cover67.jpg
www.group-ib.com/images/covers/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/covers/main-cover67.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/stylesheets/all-508e897e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
48dcfb6f699f2b4601e387a2c338ecd86589342e957bdc153650df90f3c175a9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/stylesheets/all-508e897e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
59118
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:53 GMT
server
nginx
etag
"6051a12d-e6ee"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/jpeg
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:06 GMT
truncated
/ 		412 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3dfb83a15a1a69fb2c6355797651535983e30f2ebee4666b987b217780a18f61

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9f76fca582f32f2da3a5f6c1fbfd29f75a599227fc58c9a3acde24fd25550246

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
163907259fa19c5b768aea83f82db575b01aad0fd5fbf9ac448d3db383229547

Request headers

Referer
Origin
https://www.group-ib.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
077dad3be3a10854dc97527ce83bbf6422309d807f6e4b3492de78005d786cdc

Request headers

Referer
Origin
https://www.group-ib.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/font-woff
truncated
/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b3ecc577e9722ca0bb5fd08ce6e5b800b114001af146f2a03865ab2859e9eb1

Request headers

Referer
Origin
https://www.group-ib.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/font-woff
idgib-w-group-ib
www.group-ib.com/api/fl/ 		0
49 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/api/fl/idgib-w-group-ib
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==, rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Qp344587572d4d4bff02eace2e243e1f48e19fef, tDtyd53880f2a05fb24480bb6e82990fa33fdfa0
x-cfids
-

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
content-length
0
truncated
/ 		483 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cee24f869788360296866f1972d14a8b6de5f60d3507948fc643ee794b57145

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
317b79559a280536f56fe52251c981953cd99790dafa3eb04997d55f07ed3548

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
json
forms-eu1.hsforms.com/embed/v3/form/25755956/55a22738-d5a5-43f9-9c1c-fa4c1a6eb349/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms-eu1.hsforms.com/embed/v3/form/25755956/55a22738-d5a5-43f9-9c1c-fa4c1a6eb349/json?hs_static_app=forms-embed&hs_static_app_version=1.3372&X-HubSpot-Static-App-Info=forms-embed-1.3372
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1e95c3c56d79dd5f88d2bd71e644847e54f09230c790fce8f404577b6ac581f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.group-ib.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-Origin-Hublet
eu1
Date
Wed, 12 Jul 2023 10:33:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
br
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
0db13f8b-4617-4d24-a3e1-8d597f7c7bdd
Transfer-Encoding
chunked
x-envoy-upstream-service-time
19
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0db13f8b-4617-4d24-a3e1-8d597f7c7bdd
Server
cloudflare
X-Trace
2B996667D9427A64D943FF2C429A1C4B6609FF4EE2000000000000000000
Vary
origin
Access-Control-Allow-Methods
OPTIONS, GET
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.group-ib.com
x-evy-trace-virtual-host
all
Access-Control-Expose-Headers
X-Origin-Hublet
Access-Control-Max-Age
180
Access-Control-Allow-Credentials
false
Cache-Control
max-age=0, no-cache, no-store
X-Robots-Tag
none
Access-Control-Allow-Headers
*
CF-RAY
7e58a045da4c3a5a-FRA
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-79bb87d888-p4pw9
idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
www.group-ib.com/api/fl/ 		217 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/api/fl/idgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
ff95cae331e15782a6bf52e6420f680468e814292683674e664de85228388ab2

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==, rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
eJ5u68d4883818e6a1d46f9fd59631ac37238003, jiqddbb39da6142b2d6d3cd6b02820c104cbc144
x-cfids
1nIx33nvZQyqkwXDjgZ7DFSNM81W8WIykVK8AEAqOEwEDsLL50vYaVK9AcEL7D4C5UwshRb/eS2C3ba6Dt9LVa2GacnCAjyj+ORFLz75Jib20F07Q3EEKNqC/AtVl7AgbYOien73iREli5XTH2lQFbqgOhO28FYwRyV8

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
gzip
server
istio-envoy
etag
W/"6Jm6qF+/+9LD6kzOJFgTsu5GbBDYN8GhN+8FUpBUzHz7BzxQj6OpZ07jrRXuTawIW7/wVXIBbJeAuNWqjh5xaob9T22evQhAWMcmEplxtM4Lxbuad0V/zxc0wCdgwAwAOLU5381Lts8muqzXhDJQl2Mrad01uHXPdthK"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache
x-envoy-upstream-service-time
1
truncated
/ 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
98798d0e87b53006f4a5e5225a1c3f968075937b75aa0d7cca0506bda9063e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
756fc1c26e7451568fba7f9b0e1365c1d3f3585d911c49020ee0678564da7d06

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
sdk.js
connect.facebook.net/ru_RU/ 		303 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=118d9dcb5e21ba0d88956e18eb06fc69&ua=modern_es6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-2bd8fcd3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b45e3445db9d89e055c30a7fc09e90ecfdc0f6971d65113033beb474f7f6bb01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.group-ib.com/
Origin
https://www.group-ib.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Jul 2023 10:33:06 GMT
content-md5
KFo3Vmg16A9yioRlU/6etQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87527
x-fb-debug
11wx8eTlQsaY1PvOUUYm3wVAg4Z2ph2TgaziM8qNIqI+z3ExjdF9w2SX8UCJc8kMHkiGKdUFkp5U7pwi3dD8Tg==
x-fb-content-md5
0952d9e9e30458824e3b91815fcde9dd
cross-origin-opener-policy
same-origin-allow-popups
etag
"90f73044948e1059ec2d4f0ce6327648"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Wed, 03 Jul 2024 12:37:51 GMT
forms2.min.js
app-lon09.marketo.com/js/forms2/js/ 		208 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-2bd8fcd3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 05 May 2023 17:50:04 GMT
server
cloudflare
age
3210
etag
"1a063c-33e51-5faf5eb3b0b00"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
7e58a047baf830c3-FRA
expires
Wed, 12 Jul 2023 14:33:06 GMT
id.html
ru.id.group-ib.com/ Frame 7F9A 		524 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ru.id.group-ib.com/id.html
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/build/main_26755_2be51925_563_1764.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.9.185 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
9353a3bbd5a26c02cc3014fcb55f262e233f9b875b4d91ba012deca8a76e0f07

Request headers

Referer
https://www.group-ib.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Jul 2023 10:33:06 GMT
Server
nginx
Transfer-Encoding
chunked
cache-control
no-cache
content-encoding
gzip
etag
W/"AT4lPr06wHC5+TQQcNb6gxLo8bH0t+jTRQ+hySENv2a-awMLHQvCEdLPQNgNnlUwzYZ7MTSmHb55VQ+wle1GnYFoKSb5-RWqOQKcG7x+5umVPSN488lKFaZL5wso"
vary
Accept-Encoding
x-envoy-upstream-service-time
1
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/392399615/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/392399615/?random=1689157986374&cv=11&fst=1689157986374&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-392399615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6851043ba2503bc957301fb90e0cc3f193d3ef8b6d5695204585f59922494cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1351
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		141 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-863262324&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-392399615
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
01e72a9ab59f9a5263e51e8df4d54a3b5a59825eb982dea4ba4eec0a0985e021
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55207
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jul 2023 10:33:06 GMT
6si.min.js
j.6sc.co/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.6sc.co/6si.min.js
Requested by
Host: group-ib.com
URL: https://group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 17 May 2023 00:27:16 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"64641f64-8a3f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, proxy-revalidate
accept-ranges
bytes
content-length
11052
expires
Wed, 12 Jul 2023 10:33:06 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 13:15:12 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=9734
accept-ranges
bytes
content-length
490
NeverBounce.js
cdn.neverbounce.com/widget/dist/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-65.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 09:30:43 GMT
content-encoding
gzip
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
last-modified
Mon, 02 Mar 2020 18:37:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
3746
etag
W/"c1e06621030dfcba15b88abbcaa546eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
SX3Ko3qSRAE3lUPp7TpA63pBB5qVyf62Gj2QVGZxE9SkMP8w62En-g==
63e267f61a03d71ea3df5fe7
ws.zoominfo.com/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.zoominfo.com/pixel/63e267f61a03d71ea3df5fe7
Requested by
Host: group-ib.com
URL: https://group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:650c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ed8be858616fadd04b8af9579ce6bd3b62a54b50d930b530dce028aef297f716
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/cert.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
via
1.1 google
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
7e58a047bc2a1ca1-FRA
access-control-allow-headers
Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		265 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QMES53K3Y2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba7142b67a35b355665658ebc3e6a70f2ec8eef6cabf0df2605d87ae469a05cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90185
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jul 2023 10:33:06 GMT
cert-video.mp4
www.group-ib.com/video/ 		6 MB
6 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/video/cert-video.mp4
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2182c7c52d0d00a3867cd805e699903609504621a5088a51c9cdd07ad5a53197
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

Referer
https://www.group-ib.com/cert.html
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
Content-Range
bytes 0-6019493/6019494
Content-Length
6019494
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:56 GMT
server
nginx
etag
"6051a130-5bd9a6"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
video/mp4
access-control-allow-origin
https://www.group-ib.com
cache-control
private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
admin-ajax.php
www.group-ib.com/media/wp-admin/ 		796 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/media/wp-admin/admin-ajax.php?action=mediaforcert
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f861bad7e2c91ffabeed5b2eceeb943001ebe1c4ff4fa131a2b574e1a6c34b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==, rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==
Referer
https://www.group-ib.com/cert.html
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
T0te7280751b581f599c8565babb50a2db753204, w6r05e320d117c34a2422e5c854974d60dacbd8b

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
gzip
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
x-content-type-options
nosniff
x-frame-options
sameorigin
content-type
text/html
access-control-allow-origin
https://www.group-ib.com
permissions-policy
accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
content-length
334
x-xss-protection
1; mode=block
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d4f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 10:33:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
a0d184ce-9113-4ec7-b372-f38f9067f6bf
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a0d184ce-9113-4ec7-b372-f38f9067f6bf
Server
cloudflare
X-Trace
2BFFDA0322AEAD7110FDE97E566E9EF438ECC2130E000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7e58a047bddb3735-FRA
fl
www.group-ib.com/api/ 		45 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/api/fl?u=d5fb122505&mv=2&cfidsgib-w-group-ib=
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e51d180997efe01b05d525240cff9025620bf4cc3b34487c6890742a2b1ed7d4

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==, rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Rtz0890516d57178bf6dd448a8c7dbc56e250eed, zPvB9abe40cede8ea4d8a1223634ebfc28cc3fa3
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
arrow_white-right.png
www.group-ib.com/images/arrows/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.group-ib.com/images/arrows/arrow_white-right.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/stylesheets/all-508e897e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
96a6001a342e4c3f87e5bf80a35541f4967c0a2d94eb185d030a752d5b05f645
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff, nosniff
X-Frame-Options ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
X-Xss-Protection 1; mode=block, 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/stylesheets/all-508e897e.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://pathfactory.com/ https://groupib.pathfactory.com/, frame-ancestors 'self';
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff, nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-dns-prefetch-control
off
content-length
1113
x-xss-protection
1; mode=block, 1; mode=block
referrer-policy
no-referrer, strict-origin-when-cross-origin
last-modified
Wed, 17 Mar 2021 06:26:52 GMT
server
nginx
etag
"6051a12c-459"
x-download-options
noopen
x-frame-options
ALLOW-FROM https://pathfactory.com/, ALLOW-FROM https://groupib.pathfactory.com/, SAMEORIGIN, sameorigin
content-type
image/png
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=604800, private, max-age=3600
feature-policy
camera 'none'; microphone 'none'; geolocation 'none'; encrypted-media 'none'; payment 'none'; speaker 'none'; usb 'none';
permissions-policy
camera=(), microphone=(), geolocation=(), encrypted-media=(), payment=(), speaker=(), usb=(),, accelerometer=(),autoplay=(),camera=(),encrypted-media=(),fullscreen=*,geolocation=(),gyroscope=(),magnetometer=(),microphone=(),midi=(),payment=(),sync-xhr=(),usb=(),xr-spatial-tracking=()
accept-ranges
bytes
expires
Wed, 19 Jul 2023 10:33:06 GMT
counters.gif
forms-eu1.hsforms.com/embed/v3/ 		35 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Wed, 12 Jul 2023 10:33:06 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
6d19e492-5a03-4cf4-aa17-c1c0ae73cabc
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
6d19e492-5a03-4cf4-aa17-c1c0ae73cabc
Server
cloudflare
X-Trace
2BB2FE4FDACEADDEAE2C749A51E1218404B00A9DD5000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-79bb87d888-m76dn
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7e58a049bdf03626-FRA
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/863262324/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863262324/?random=1689157986533&cv=11&fst=1689157986533&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863262324&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9e440a6c0b5763ba950460f55d677ca052ef1645ae0755d343d7d72c527146a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1349
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/863262324/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/863262324/?random=1689157986552&cv=11&fst=1689157986552&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-863262324&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
845269483abcd5c6fadaed7ce8f503165db4f2db1045361f60e5e5b669f4ba4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1599
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		215 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10865976765&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QMES53K3Y2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97a93f703234d95ced11934ff8da8333d27ff6974f79ce4f56c3f6af5e49b2e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
76806
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jul 2023 10:33:06 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-QMES53K3Y2&gtm=45je37a0&_p=187694849&_gaz=1&cid=591046217.1689157987&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1689157986&sct=1&seg=0&dl=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&dr=https%3A%2F%2Fgroup-ib.com%2F&dt=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-QMES53K3Y2&cid=591046217.1689157987&gtm=45je37a0&aip=1
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-QMES53K3Y2&cid=591046217.1689157987&gtm=45je37a0&aip=1&z=446685797
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100::1735:28f0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 Jul 2023 13:00:14 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=9077
accept-ranges
bytes
content-length
4862
/
c.6sc.co/ 		7 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.6sc.co/
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/html
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
7
/
ipv6.6sc.co/ 		36 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv6.6sc.co/
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100::210:172 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b115b87838e7ec037b880f4f0b3243546ca34e849b07e2e37129eabb753d8aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.group-ib.com
cache-control
max-age=0, no-cache, no-store
6si-ipv6
2001:1b60:1010:2:1011:2f85:d184:9f9f
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469210_34603374_823687803_18_958_21_0_-";dur=1
content-length
36
expires
Wed, 12 Jul 2023 10:33:06 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=823d88e4-55b7-44e1-86a7-9c23573d7784&session=3e5c7283-d739-48ec-86e5-bd2f86b5e841&event=a_pageload&q=%7B%22pageLoadTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A06%20GMT%22%2C%22settings%22%3A%22%5B%7B%5C%22name%5C%22%3A%5C%22enableEventTracking%5C%22%2C%5C%22value%5C%22%3A%5C%22true%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2012%20Jul%202023%2010%3A33%3A06%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setToken%5C%22%2C%5C%22value%5C%22%3A%5C%22e84d9c08a990af8592952e7ac9a983ad%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2012%20Jul%202023%2010%3A33%3A06%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%2C%7B%5C%22name%5C%22%3A%5C%22setEndpoint%5C%22%2C%5C%22value%5C%22%3A%5C%22b.6sc.co%5C%22%2C%5C%22dateTime%5C%22%3A%5C%22Wed%2C%2012%20Jul%202023%2010%3A33%3A06%20GMT%5C%22%2C%5C%22timeSincePageLoad%5C%22%3A%5C%220%5C%22%7D%5D%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fgroup-ib.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=7b88a800-36e0-4f6e-8bbc-0025897a74a2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
notify
api.neverbounce.com/v4/poe/ 		62 B
282 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.neverbounce.com/v4/poe/notify?key=public_feedec8c69cd171b06421bb96273f04d&event=form.load&callback=__neverbounce_41122
Requested by
Host: cdn.neverbounce.com
URL: https://cdn.neverbounce.com/widget/dist/NeverBounce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.212.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-212-115.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e7b8b47c2e1dbda0ccfb9d5b4e71ac859d165493f408bfe746325e0d929a3921
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:07 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private
x-ua-compatible
IE=Edge
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=823d88e4-55b7-44e1-86a7-9c23573d7784&session=3e5c7283-d739-48ec-86e5-bd2f86b5e841&event=play&q=%7B%22event_id%22%3A%22%22%2C%22event_value%22%3A%22https%3A%2F%2Fwww.group-ib.com%2Fvideo%2Fcert-video.mp4%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fgroup-ib.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=7b88a800-36e0-4f6e-8bbc-0025897a74a2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 02:04:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f03226-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
/
www.google.com/pagead/1p-user-list/392399615/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/392399615/?random=1689157986374&cv=11&fst=1689156000000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1497818697&rmt_tld=0&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/392399615/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/392399615/?random=1689157986374&cv=11&fst=1689156000000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1497818697&rmt_tld=1&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/10865976765/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10865976765/?random=1689157986715&cv=11&fst=1689157986715&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10865976765&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
6c180fd42d1bdcbe44770f66302e735851c26d2a79016520583e8e0118aae6ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1599
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/863262324/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/863262324/?random=1689157986533&cv=11&fst=1689156000000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1199591983&rmt_tld=0&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/863262324/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/863262324/?random=1689157986533&cv=11&fst=1689156000000&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1199591983&rmt_tld=1&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/ 		36 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/token
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:fe00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.group-ib.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:26:02 GMT
content-encoding
gzip
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
425
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
S69nstnXDzHvL3ckz7w13RhhrwPUtPcS747zYpofdq59VEun40Dwdg==
token
cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/ 		36 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/token
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:fe00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.group-ib.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:26:02 GMT
content-encoding
gzip
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
425
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
ez5X6bSye9d6jdrCzUIDHmhuFGR6q0wmZo4je4hABG_oCceXKNMlSg==
token
cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/ 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/token
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:fe00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.group-ib.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:26:02 GMT
content-encoding
gzip
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
425
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
GWHszvs_671gzd_6NsyxTCjTiw5RucRRTMFVy5EBMF3G3MYF_0-MKw==
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=823d88e4-55b7-44e1-86a7-9c23573d7784&session=3e5c7283-d739-48ec-86e5-bd2f86b5e841&event=ipv6&q=%7B%22address%22%3A%222001%3A1b60%3A1010%3A2%3A1011%3A2f85%3Ad184%3A9f9f%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fgroup-ib.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=7b88a800-36e0-4f6e-8bbc-0025897a74a2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:07 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
token
cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/ 		36 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/token
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:fe00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.group-ib.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:26:02 GMT
content-encoding
gzip
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
425
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
pUkozqqxzL5u43AitbXFMZLH9-iN-i4ISQ8VoI9gU2_2IcfM2nGr7Q==
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4496601%26time%3D1689157986790%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fc...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJHNVZFs_IluwAAAYlJqW31NN...
0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJHNVZFs_IluwAAAYlJqW31NNO59pyi_-RXxwOpXk2GPstlmLKNg_GPwxEkIyiHvK_qL-9PYiHY9FU5UFOolfwlEKxD5g
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:07 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 9876D49ED2DD42EC93EB32ADA9CF2D71 Ref B: DUS30EDGE0414 Ref C: 2023-07-12T10:33:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAR73Y6kt+1oEZ96dOTw==

Redirect headers

date
Wed, 12 Jul 2023 10:33:07 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: DE3DC069FE9C418E8D374D137FC9D78B Ref B: FRAEDGE1317 Ref C: 2023-07-12T10:33:07Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4496601&time=1689157986790&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJHNVZFs_IluwAAAYlJqW31NNO59pyi_-RXxwOpXk2GPstlmLKNg_GPwxEkIyiHvK_qL-9PYiHY9FU5UFOolfwlEKxD5g
x-li-proto
http/2
content-length
0
x-li-uuid
AAYAR73VaIBh/4JUse2CcQ==
/
www.google.de/pagead/1p-conversion/863262324/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863262324/?random=1872657583&cv=11&fst=1689157986552&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww....
  • https://www.google.com/pagead/1p-conversion/863262324/?random=1872657583&cv=11&fst=1689157986552&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.h...
  • https://www.google.de/pagead/1p-conversion/863262324/?random=1872657583&cv=11&fst=1689157986552&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.ht...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/863262324/?random=1872657583&cv=11&fst=1689157986552&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjVtdVBUMkxoaHdjMlRyYUlodEl5amNXcnBzcjZKVl92bDh4TWtmZVBXMEN3ZUJKVEY5bVN6M2MiEwjKnY3u-4iAAxWlRR4CHcITBU0&is_vtc=1&ocp_id=YoGuZMrkJqWL-cAPwqeU6AQ&cid=CAQSKQBpAlJWCXsEDXt3KRt8ZRMGfd9sSfSKclZWl3BQnDHskLhpIgbxu2rh&random=3574792377&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/863262324/?random=1872657583&cv=11&fst=1689157986552&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=NAwCCJTDvd8CEPSs0ZsD&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjVtdVBUMkxoaHdjMlRyYUlodEl5amNXcnBzcjZKVl92bDh4TWtmZVBXMEN3ZUJKVEY5bVN6M2MiEwjKnY3u-4iAAxWlRR4CHcITBU0&is_vtc=1&ocp_id=YoGuZMrkJqWL-cAPwqeU6AQ&cid=CAQSKQBpAlJWCXsEDXt3KRt8ZRMGfd9sSfSKclZWl3BQnDHskLhpIgbxu2rh&random=3574792377&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/ 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4496601/domain/group-ib.com/token
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:fe00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.group-ib.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:26:02 GMT
content-encoding
gzip
via
1.1 6e4fd2f7f4c55027ff6ee922bdafd3ae.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
425
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
vVpkBwZ11o5fPawBShIlSneb-4OTnUwXSY4CyX-Kgoqb6bpEqQBfVg==
fl
www.group-ib.com/api/ 		665 B
761 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/api/fl?u=f7a980b0-1ffa-11ee-9d24-2b6b54174851&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=1nIx33nvZQyqkwXDjgZ7DFSNM81W8WIykVK8AEAqOEwEDsLL50vYaVK9AcEL7D4C5UwshRb%2FeS2C3ba6Dt9LVa2GacnCAjyj%2BORFLz75Jib20F07Q3EEKNqC%2FAtVl7AgbYOien73iREli5XTH2lQFbqgOhO28FYwRyV8
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
85b858c0d849f48e6f39a5e76b0ffd672135822f87d0b1ac4d643931e862e912

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==, rS/+loaaM1eFSQwV4ZnPkh7jt1AtzxD5PJ0WbunueWpiXYQUlmrgsRoub8jMJKUqt5mxR5RXKd49kZue1+icF135EFEpPSCiw6jLuqI0PLkVuNIwFT9LkQrzDDR55letz7/Qdraha9Kw2DfGguLZXD+rEiJ8kVWdcVP4XsLuPbd/Qe0tEL7SSIZyvIeJL0TabvLMqB+PQGsbD4ncAfK1+CuDZ5Q5QY2gOICjF+Rje6uMdfwv5LtwjOH39xx2hg==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
mym648d0d2a8fb94856c80f718d14f4a922c6cf8, NlfL29ef510d3414b9293cf553d9033bbc548cb6
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jul 2023 10:33:06 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
/
www.google.de/pagead/1p-conversion/10865976765/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10865976765/?random=1327860346&cv=11&fst=1689157986715&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fww...
  • https://www.google.com/pagead/1p-conversion/10865976765/?random=1327860346&cv=11&fst=1689157986715&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert...
  • https://www.google.de/pagead/1p-conversion/10865976765/?random=1327860346&cv=11&fst=1689157986715&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert....
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/10865976765/?random=1327860346&cv=11&fst=1689157986715&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjBvU01RTWFfVzQyY1Yxc3pXUWNENTJ6cHhWMEg2SFBScWZScVROdzIzUFhhTU9hazcxeDYwcmQiEwiYk5Tu-4iAAxXGRMIKHS9mAhc&is_vtc=1&ocp_id=YoGuZJjaLcaJiQavzIm4AQ&cid=CAQSKQBpAlJW7FqVwFutoUBOww0cu2Ie2f37XcjsmLnGhcbwd2xEaFkr6SUJ&random=2733390270&ipr=y
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Jul 2023 10:33:06 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/10865976765/?random=1327860346&cv=11&fst=1689157986715&bg=ffffff&guid=ON&async=1&gtm=45be37a0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&ref=https%3A%2F%2Fgroup-ib.com%2F&label=FfadCJnh_KkDEL3Lpr0o&hn=www.googleadservices.com&frm=0&tiba=Response%20to%20information%20security%20incidents%20-%20CERT-GIB&gtm_ee=1&auid=1430288399.1689157986&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOEo2NXBRWVFsNnJ2ODdHMnpfTjZFaVlBZjRkWlI5NFdBTTM3WkNFVDNSZjJUVHhkNTAxMlUtMVVyaHBTUDVaVllUZmwteVp0QkEaWENoQUk4SjY1cFFZUW9zenVuSlBxNE1vcUVpNEFsQ24zQjBvU01RTWFfVzQyY1Yxc3pXUWNENTJ6cHhWMEg2SFBScWZScVROdzIzUFhhTU9hazcxeDYwcmQiEwiYk5Tu-4iAAxXGRMIKHS9mAhc&is_vtc=1&ocp_id=YoGuZJjaLcaJiQavzIm4AQ&cid=CAQSKQBpAlJW7FqVwFutoUBOww0cu2Ie2f37XcjsmLnGhcbwd2xEaFkr6SUJ&random=2733390270&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fl
www.group-ib.com/api/ 		665 B
786 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/api/fl?u=f7a980b0-1ffa-11ee-9d24-2b6b54174851&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=6Jm6qF%2B%2F%2B9LD6kzOJFgTsu5GbBDYN8GhN%2B8FUpBUzHz7BzxQj6OpZ07jrRXuTawIW7%2FwVXIBbJeAuNWqjh5xaob9T22evQhAWMcmEplxtM4Lxbuad0V%2Fzxc0wCdgwAwAOLU5381Lts8muqzXhDJQl2Mrad01uHXPdthK
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
311823cddb861654f5076079fb2c136560d815cf2b398013140b8db9c996badf

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
MtechVEIm4h+THXyFY5UufM8hKTUQ66BdNgKBrrS1tzXncaSZ7YBIfmM0HK6goT15GfEmvcfi4UUwLYevhzsXqNAvIg7htXdlhD5jfE78NwdkLcjJv9ixEqZj0MGi1jQjQcH2GX8q6VQF3004HNfwAUjQehycOOdLLsEbM0PwWGQVfiLU+mHnwlS1xEtEynotfHhbm0P2lED/okFcNGiGlEcbyj+0chlqM/OxXRGUDAza5x+mSrFmetXUO73og==, MtechVEIm4h+THXyFY5UufM8hKTUQ66BdNgKBrrS1tzXncaSZ7YBIfmM0HK6goT15GfEmvcfi4UUwLYevhzsXqNAvIg7htXdlhD5jfE78NwdkLcjJv9ixEqZj0MGi1jQjQcH2GX8q6VQF3004HNfwAUjQehycOOdLLsEbM0PwWGQVfiLU+mHnwlS1xEtEynotfHhbm0P2lED/okFcNGiGlEcbyj+0chlqM/OxXRGUDAza5x+mSrFmetXUO73og==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
UFOb81c47b4f7f586bb2ff8c8e996984aeb4b4f1, G6JP08352c2314c3b10e24ec531e5b4d6c6609fb
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jul 2023 10:33:07 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=823d88e4-55b7-44e1-86a7-9c23573d7784&session=3e5c7283-d739-48ec-86e5-bd2f86b5e841&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A07%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A06%20GMT%22%2C%22timeSpent%22%3A%221048%22%2C%22totalTimeSpent%22%3A%221048%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fgroup-ib.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=7b88a800-36e0-4f6e-8bbc-0025897a74a2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/cert.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:07 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 18 Feb 2023 00:49:36 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"63f020a0-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
fl
www.group-ib.com/api/ 		665 B
739 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/api/fl?u=f7a980b0-1ffa-11ee-9d24-2b6b54174851&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=owrpQkiuNoXR4ltscpZtoL7EXwWIyFdnI9Y7k0uZ2GnY3tRZgO0OvSCgmTHLMZi3ukTAMyBeLWGJ4AvrC%2BE%2Bg%2FXJReA%2FaFYQZs%2FYrevE5XFaAhIDYTiQ9Z6J5cyO5%2B7ktDMlPtj83JFyhQCodOy3%2Fs%2B0JUO51PBLIVPO
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e9031a39081de0fc883595e173b04e5ecf8d5320e8ca60ed8fd95b44f3e2676f

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
5yS1gFz1AOFMj3Xi5cjn1trDG+9cH7GFohgzl5KKumPUFoRDKfBGlOsdzADkWkVXMhgNG+/NZ0CCgsVR1/0dtfdoFoiBKxgkg4DB0elVYPk0+q7/pIH0Yc17pfdeORLV9yZT8F2Qbqqtu207Exk0usUipgozsQ5eFuQhmpx086hrBVKq53aJG0/VcCKU0NE3eJHzMUkDq3rIiAWjaedXISZKzDspdVzPifKGdPJ2h92sypLNonPXS/eg+7MkEg==, 5yS1gFz1AOFMj3Xi5cjn1trDG+9cH7GFohgzl5KKumPUFoRDKfBGlOsdzADkWkVXMhgNG+/NZ0CCgsVR1/0dtfdoFoiBKxgkg4DB0elVYPk0+q7/pIH0Yc17pfdeORLV9yZT8F2Qbqqtu207Exk0usUipgozsQ5eFuQhmpx086hrBVKq53aJG0/VcCKU0NE3eJHzMUkDq3rIiAWjaedXISZKzDspdVzPifKGdPJ2h92sypLNonPXS/eg+7MkEg==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
p0JE1e19b0f423507738564e1fd4c3f2f46843fc, fZlz6a7b8ea0aad6dbf3cae680db35db45e33322
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jul 2023 10:33:07 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
fl
www.group-ib.com/api/ 		665 B
802 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/api/fl?u=f7a980b0-1ffa-11ee-9d24-2b6b54174851&cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24=BCXqwKycHEVzEZ5NcopouJh6SumdqHUBRLEGA9jdd2JQYjqe2TQAz5bClhYS3dh9EHSeefCoz47SW9lOxiSwZOD2pzdEQkpnDODYtHVJtzjL1eegsmKaZdOL9DMEi5JoFx24O6rFVzx7bp2nwhAWrWi%2BEF93eLboAsST
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
c5d31fa83d4c162e09ed29f5943a3bd32925a4f60f90adc7a91083e7d077dee2

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
gU6j6vyLKHXlH+bY3LLRhJnDh/fVOcwCf7lr7sd5WQr8r8YTYl1SI6uAXvCBcupBJr5YSZN7Lh0+JzFU35MJObuuAmIZ/+GAbG50hKNsGCRdXPjrVQT6gs0LTiyFDhPvigpCPo3g8fky7oMhiVmdlKF1LUROih4PLl7IWpr8RKJktfcy9JBa5u9VxMSroQxFow0YOfa6Atfyx8u29CRy95Cztcen3+l1MzNPXddrb7a/1LZe3GtgBBDkuRkDpQ==, gU6j6vyLKHXlH+bY3LLRhJnDh/fVOcwCf7lr7sd5WQr8r8YTYl1SI6uAXvCBcupBJr5YSZN7Lh0+JzFU35MJObuuAmIZ/+GAbG50hKNsGCRdXPjrVQT6gs0LTiyFDhPvigpCPo3g8fky7oMhiVmdlKF1LUROih4PLl7IWpr8RKJktfcy9JBa5u9VxMSroQxFow0YOfa6Atfyx8u29CRy95Cztcen3+l1MzNPXddrb7a/1LZe3GtgBBDkuRkDpQ==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
g7K8b92b54d4fee24505fc227d65407b1e7f611b, cx3k17db2ce7eeed5ca595e7d9547c85d0d52ad1
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jul 2023 10:33:08 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
11
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=823d88e4-55b7-44e1-86a7-9c23573d7784&session=3e5c7283-d739-48ec-86e5-bd2f86b5e841&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A08%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A07%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%222049%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fgroup-ib.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=7b88a800-36e0-4f6e-8bbc-0025897a74a2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:08 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=823d88e4-55b7-44e1-86a7-9c23573d7784&session=3e5c7283-d739-48ec-86e5-bd2f86b5e841&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A09%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A08%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%223050%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fgroup-ib.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=7b88a800-36e0-4f6e-8bbc-0025897a74a2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:09 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Sat, 05 Jun 2021 07:56:05 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"60bb2e15-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
fl
www.group-ib.com/api/ 		45 B
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.group-ib.com/api/fl?u=d5fb122505&mv=2&cfidsgib-w-group-ib=
Requested by
Host: fhp-aws-antibot-back.group-ib.com
URL: https://fhp-aws-antibot-back.group-ib.com/d/bt-autoinject.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.72.181.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-72-181-255.eu-central-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e51d180997efe01b05d525240cff9025620bf4cc3b34487c6890742a2b1ed7d4

Request headers

X-GIB-GSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
XIN3XqjndNVYTiBM6m3B0ilzFf6Boyv9H5pSAzs8nr1Gb+DXazsuGqmAUDyGAqjBrhvIwrTiXaKyx+xonZyilVpTckPmF4CrnSYtGmUYhVOdEex2Q9kSRn1zaKscmQCUtR3fa+NEyn85/ybfWUVlLabl/nvYTkusQf5ilglijHKT6ZDo7ujEOqxFI/qSGDwpX1/O9BfIsL8R7PGRnpq8XZF6XGTtPYGiqhc0uU1l84xvv6XJoX0PngGz2HpN3A==, XIN3XqjndNVYTiBM6m3B0ilzFf6Boyv9H5pSAzs8nr1Gb+DXazsuGqmAUDyGAqjBrhvIwrTiXaKyx+xonZyilVpTckPmF4CrnSYtGmUYhVOdEex2Q9kSRn1zaKscmQCUtR3fa+NEyn85/ybfWUVlLabl/nvYTkusQf5ilglijHKT6ZDo7ujEOqxFI/qSGDwpX1/O9BfIsL8R7PGRnpq8XZF6XGTtPYGiqhc0uU1l84xvv6XJoX0PngGz2HpN3A==
Referer
https://www.group-ib.com/cert.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-GIB-FGSSCgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
aOkF10e0cbaf713f05ad33de8e7d250dce7deab3, wZ4T5c85a2613c58eff6d8c04c5b5c6d4bd02a6c
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 12 Jul 2023 10:33:10 GMT
content-encoding
gzip
server
istio-envoy
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
img.gif
b.6sc.co/v1/beacon/ 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=823d88e4-55b7-44e1-86a7-9c23573d7784&session=3e5c7283-d739-48ec-86e5-bd2f86b5e841&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A10%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A09%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%224051%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fgroup-ib.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=7b88a800-36e0-4f6e-8bbc-0025897a74a2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.111.184 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-111-184.deploy.static.akamaitechnologies.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 10:33:10 GMT
x-content-type-options
nosniff
content-length
43
pragma
no-cache
last-modified
Tue, 05 Oct 2021 22:17:52 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"615ccf10-2b"
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
expires
Wed, 19 Apr 2000 11:43:00 GMT
img.gif
b.6sc.co/v1/beacon/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
b.6sc.co
URL
https://b.6sc.co/v1/beacon/img.gif?token=e84d9c08a990af8592952e7ac9a983ad&svisitor=null&visitor=823d88e4-55b7-44e1-86a7-9c23573d7784&session=3e5c7283-d739-48ec-86e5-bd2f86b5e841&event=active_time_track&q=%7B%22currentTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A11%20GMT%22%2C%22lastTrackTime%22%3A%22Wed%2C%2012%20Jul%202023%2010%3A33%3A10%20GMT%22%2C%22timeSpent%22%3A%221001%22%2C%22totalTimeSpent%22%3A%225052%22%7D&isIframe=false&m=%7B%22description%22%3A%22Group-IB%20provides%20professional%20assistance%20in%20response%20to%20DDoS%20attacks%2C%20unsanctioned%20access%2C%20phishing%2C%20infection%20by%20malware%20and%20etc.%20Inform%20us%20about%20the%20incident%20and%20we%20will%20help%20you.%22%2C%22keywords%22%3A%22response%2C%20center%2C%20incident%2C%20cert%2C%20computer%2C%20emergency%2C%20SOC%2C%20team%2C%20DDoS%2C%20phishing%2C%20malware%2C%20fraud%2C%20online%22%2C%22title%22%3A%22Response%20to%20information%20security%20incidents%20-%20CERT-GIB%22%7D&cb=&r=https%3A%2F%2Fgroup-ib.com%2F&thirdParty=%7B%7D&v2=1&pageURL=https%3A%2F%2Fwww.group-ib.com%2Fcert.html&pageViewId=7b88a800-36e0-4f6e-8bbc-0025897a74a2

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| onbeforetoggle object| onscrollend object| gib boolean| __gibclatt boolean| __86a4b3f1c71b93a8cb28ae2a51a4c386__ function| gibSetAttribute function| gibSetAttributeCallback function| gibRemoveAttribute function| gibHash function| gibEncrypt string| __guc__1.0.0 object| dataLayer function| gtag function| $ function| jQuery object| conf function| fbAsyncInit object| hubspot object| HubSpotForms object| _hsq object| hbspt object| hsFormsOnReady object| google_tag_manager object| google_tag_data function| _classCallCheck function| executeFunctionByName function| _createClass object| landing object| certainDomains object| publicDomains function| Tiles function| Action object| actions function| CubicGallery function| CubicGallery2 function| Parallax function| Popup function| SelectThis function| CubicForm function| CubicSticky function| SwipeDetector function| CubicSwitcher function| CubicTabs function| ChangeForm function| Shifter function| ClipboardJS function| raf object| gacid object| gaClientId object| FB function| Accordeon function| EmailsBase function| wr function| Cookies function| CrmForm function| Marketo object| merchPop function| metrics object| LinkedIn object| News object| showMore object| News2 function| PollForm function| fillPoll function| Share function| ShowMore2 function| CubicTags function| Test function| Tumbler function| initTumbler function| Unsubscribe object| GooglebQhCsO object| _6si object| _linkedin_data_partner_ids boolean| _already_called_lintrk object| _NBSettings object| popups function| initCrmForms object| __buffer function| onYouTubeIframeAPIReady object| gaGlobal object| SENTRY_RELEASE undefined| Raven object| _nb function| __neverbounce_41122 object| MktoForms2 function| lintrk object| ziws

33 Cookies

Domain/Path Name / Value
group-ib.com/ Name: gssc213174
Value:
.group-ib.com/ Name: __zzatgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: MDA0dBA=Fz2+aQ==
group-ib.com/ Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: Ga8YZyn2Z4HwwdCpO35+Uy/c6fDxXyDHGTnbS1YiLnVAy85slmP9dreXPu0N0rrnZ9KcyqMf2MV+uwkJmnkWaJzNBinFdKTeLVpuMyDGFMGQ+GuLwZdKOHiLpQxmo6ywRKK6cEV0p+eKVw1tZmFJETDCJJgnNPhTFGFy
.www.group-ib.com/ Name: __zzatgib-w-group-ib
Value: MDA0dBA=Fz2+aQ==
.group-ib.com/ Name: __zzatgib-w-group-ib
Value: MDA0dBA=Fz2+aQ==
.group-ib.com/ Name: _gcl_au
Value: 1.1.1430288399.1689157986
.app-lon09.marketo.com/ Name: __cf_bm
Value: 7_EvueKeMWmDbVqjLZIaVLQgDjtVvMxs8stMHjiJOhc-1689157986-0-AX75CvymF1JIUdEqa6QclvIOjDkKelsZVikZ+g/OsY416SOqr4cIaOFIEEl8Tt7SdLnK8bRptKckQXxPZqu0BsM=
.group-ib.com/ Name: _ga_QMES53K3Y2
Value: GS1.1.1689157986.1.0.1689157986.60.0.0
.group-ib.com/ Name: _ga
Value: GA1.1.591046217.1689157987
www.group-ib.com/ Name: _gd_visitor
Value: 823d88e4-55b7-44e1-86a7-9c23573d7784
www.group-ib.com/ Name: _gd_session
Value: 3e5c7283-d739-48ec-86e5-bd2f86b5e841
.ws.zoominfo.com/ Name: visitorId
Value: be7d7b297ab57e9a3fdd9be46eb75c5f1a752c21956e5c2aed1772803a6a64d7
.zoominfo.com/ Name: __cf_bm
Value: a0ljLv9XpPGbe2eRNrjYGm4HxP00ZR1cR_0Pv15kTvI-1689157986-0-ARScLAddtEIkF6ZL3mkajkaYlLcqCDZA6lCNeORIJmm1zR9cNNAvKjpvLnKiuydJszZm1g/aJeHCcw87jg6Mbxc=
.zoominfo.com/ Name: _cfuvid
Value: OBgwheVGSfJ30Vlh0zt.n2JCOomTvmy9vNVd498RRJg-1689157986671-0-604800000
.id.group-ib.com/ Name: gcfids
Value: AT4lPr06wHC5+TQQcNb6gxLo8bH0t+jTRQ+hySENv2a-awMLHQvCEdLPQNgNnlUwzYZ7MTSmHb55VQ+wle1GnYFoKSb5-RWqOQKcG7x+5umVPSN488lKFaZL5wso
.doubleclick.net/ Name: IDE
Value: AHWqTUlpgnPce3cRpJNJ7u-DbbbF5TSPYo1BXUpwJBFe8DLZYyWRA3CVbuMO-YSC
.6sc.co/ Name: 6suuid
Value: b8d0170264ad07006381ae64070000006b253400
www.group-ib.com/ Name: ln_or
Value: eyI0NDk2NjAxIjoiZCJ9
www.group-ib.com/ Name: gssc213174
Value:
.linkedin.com/ Name: li_sugr
Value: 4679b97c-dc0f-4dd6-802e-6902514c0378
.linkedin.com/ Name: bcookie
Value: "v=2&ef55763e-1780-4887-8495-8d1fb1cb122e"
.linkedin.com/ Name: lidc
Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3003:u=1:x=1:i=1689157987:t=1689244387:v=2:sig=AQEDKBWecHWQ5_KcR8lgvkNyLjgbZJc2"
.linkedin.com/ Name: UserMatchHistory
Value: AQLO0IZt6rG-JwAAAYlJqWwbGpC70_q2EPKmreYIdBcxTfySRML9oM-rfDdwixgj0T1xIYT6BSJZ0w
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQI7lRkoEK6DrwAAAYlJqWwbvdmpFwCepGkb8c5RqFASNzcgkXkoyLjP7fLJN8koMBt2PhLTJcxndGUgJsiwWA
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230712103307d6c64033-9b97-4895-8bc0-4bc1cc20da12AQFCkyFPVKBPl8kSJtwRlVuMIZHIc-WG"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODkxNTc5ODc7MjswMjGmxdkAZNzX3rkMQlIMtOJaRkjSidtgCgLNA2Yl8L5o/Q==
www.group-ib.com/ Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: fFOuPEv79ZWCNVXI4DT1vgzZ7pJwAXyueuZ4hC2HWCi/gjxQRussmubBa3QubayizySuyid9faChCZkvKctq/bAQpsaKj8tcRsS+jP6vFfzmxFIWzybAXaNHcjJ9gJPR8T+JqmngGVI3l8nrgI/tCMsKiilHP8kC+u3r
.www.group-ib.com/ Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: fFOuPEv79ZWCNVXI4DT1vgzZ7pJwAXyueuZ4hC2HWCi/gjxQRussmubBa3QubayizySuyid9faChCZkvKctq/bAQpsaKj8tcRsS+jP6vFfzmxFIWzybAXaNHcjJ9gJPR8T+JqmngGVI3l8nrgI/tCMsKiilHP8kC+u3r
.group-ib.com/ Name: cfidsgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: fFOuPEv79ZWCNVXI4DT1vgzZ7pJwAXyueuZ4hC2HWCi/gjxQRussmubBa3QubayizySuyid9faChCZkvKctq/bAQpsaKj8tcRsS+jP6vFfzmxFIWzybAXaNHcjJ9gJPR8T+JqmngGVI3l8nrgI/tCMsKiilHP8kC+u3r
.www.group-ib.com/ Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: gU6j6vyLKHXlH+bY3LLRhJnDh/fVOcwCf7lr7sd5WQr8r8YTYl1SI6uAXvCBcupBJr5YSZN7Lh0+JzFU35MJObuuAmIZ/+GAbG50hKNsGCRdXPjrVQT6gs0LTiyFDhPvigpCPo3g8fky7oMhiVmdlKF1LUROih4PLl7IWpr8RKJktfcy9JBa5u9VxMSroQxFow0YOfa6Atfyx8u29CRy95Cztcen3+l1MzNPXddrb7a/1LZe3GtgBBDkuRkDpQ==
.group-ib.com/ Name: gsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: gU6j6vyLKHXlH+bY3LLRhJnDh/fVOcwCf7lr7sd5WQr8r8YTYl1SI6uAXvCBcupBJr5YSZN7Lh0+JzFU35MJObuuAmIZ/+GAbG50hKNsGCRdXPjrVQT6gs0LTiyFDhPvigpCPo3g8fky7oMhiVmdlKF1LUROih4PLl7IWpr8RKJktfcy9JBa5u9VxMSroQxFow0YOfa6Atfyx8u29CRy95Cztcen3+l1MzNPXddrb7a/1LZe3GtgBBDkuRkDpQ==
.www.group-ib.com/ Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: BGor7f7ec6c8b84efdba32bb11928e533a613d07
.group-ib.com/ Name: fgsscgib-w-61354c22-16cc-40a8-a871-6901f1a76e24
Value: BGor7f7ec6c8b84efdba32bb11928e533a613d07

5 Console Messages

Source Level URL
Text
network error URL: https://group-ib.com/cert.html
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker'.
security error
Message:
Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
network error URL: https://www.group-ib.com/api/fl/idgib-w-group-ib
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.group-ib.com/media/wp-admin/admin-ajax.php?action=mediaforcert
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.neverbounce.com
app-lon09.marketo.com
b.6sc.co
c.6sc.co
cdn.linkedin.oribi.io
cdn.neverbounce.com
connect.facebook.net
fhp-aws-antibot-back.group-ib.com
fonts.googleapis.com
forms-eu1.hsforms.com
forms.hsforms.com
googleads.g.doubleclick.net
group-ib.com
ipv6.6sc.co
j.6sc.co
js-eu1.hsforms.net
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
ru.id.group-ib.com
snap.licdn.com
stats.g.doubleclick.net
ws.zoominfo.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.group-ib.com
www.linkedin.com
b.6sc.co
104.16.95.80
13.107.42.14
13.225.78.65
142.250.185.226
172.65.232.43
172.65.255.172
185.17.9.185
2001:4860:4802:34::36
2600:9000:2304:fe00:2:53b2:240:93a1
2606:4700::6810:650c
2606:4700::6811:d4f3
2620:1ec:21::14
2a00:1450:4001:806::200a
2a00:1450:4001:808::2008
2a00:1450:4001:828::2004
2a00:1450:4001:829::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c07::9a
2a02:26f0:3100::1735:28f0
2a02:26f0:7100::210:172
2a03:2880:f083:100:face:b00c:0:3
3.64.98.252
3.72.181.255
34.202.212.115
95.101.111.184
01e72a9ab59f9a5263e51e8df4d54a3b5a59825eb982dea4ba4eec0a0985e021
0430dd3b974561238dac03eb963a67da014965080c3d2de38d5b7aa318f3053e
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
077dad3be3a10854dc97527ce83bbf6422309d807f6e4b3492de78005d786cdc
094b8f36032e6b6df897c9fc0fcc123be179fede9324a189bc1e53186f2d9b63
0ba0fdd1f4249082a8547ab87976249ef74e8f587919cea3a64ee76a60802461
0fad7c265494ea50c0917b6e30e8b40c9001d3b94bfa3fa5d476cf0f39dde120
141397708f146e91f2a8137f1897e36d558af1c3c2e552c6aeda5f5d0a7448b0
163907259fa19c5b768aea83f82db575b01aad0fd5fbf9ac448d3db383229547
1c873ebdfd85a5d07ebc31bb4070de59747bb8199a39fa74c5c24a9fdcb998a5
1cee24f869788360296866f1972d14a8b6de5f60d3507948fc643ee794b57145
206d8cf5d1a0149c666651755b0f7b0b62a50882d61a5d18eaddc7317bb92a53
2182c7c52d0d00a3867cd805e699903609504621a5088a51c9cdd07ad5a53197
2a6e794d91aceda4c875927fd8aedd9e34a9643b18f1d9893aeeecdc9e61b5cd
311823cddb861654f5076079fb2c136560d815cf2b398013140b8db9c996badf
317b79559a280536f56fe52251c981953cd99790dafa3eb04997d55f07ed3548
3cbdeb53c566f58fa2298177c12defc90c733843c50e2fd4147d9597d33a1e34
3dd4b088ab105f30c06ccea664b41ad4d8308bca0d79497bfd795113e7d616c6
3dfb83a15a1a69fb2c6355797651535983e30f2ebee4666b987b217780a18f61
48dcfb6f699f2b4601e387a2c338ecd86589342e957bdc153650df90f3c175a9
492584db86b05db92e84082fb80ac2d2944bc4c7c8d9ef82cdf8c880b7cee02d
4aec96eddab69454e554bb60664da2e5043c363ebef6921644f619523e7274d7
4f3663a053e8d7539e71ac628811d68f69d5dac8449b5546ab5ac13c2f609e4d
55023db66b5b5211f8416ea69c8786ef0ae48e1dc5a3a065869755dc1a1e2435
66d609b0c975493c48e785524fbb6cfa5d28ea59d8d7e5e12bd4a8c5b8556f67
6851043ba2503bc957301fb90e0cc3f193d3ef8b6d5695204585f59922494cc3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c180fd42d1bdcbe44770f66302e735851c26d2a79016520583e8e0118aae6ad
74711bb799e7d4712bcdc9fdf42f5acb835448d1ec23936a1d46a087e192e378
74a02ff107402492b9e19e4c7c550a9db662bfcb3a8bebc372d4ac8fb0a90fff
756fc1c26e7451568fba7f9b0e1365c1d3f3585d911c49020ee0678564da7d06
7b12bc0e3c26c7489b7b00b5eac170133e840e004baac496b88c23db28353ad4
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7df6b8c5291f0867dc7090d3db39ada9db8d4b8727d0bc7db05f26e4c700ed6c
8032f11ad394a57147c4ddfcd40dc7a1c069a7cba58522352fdb8bd8a3fb60c7
844bb56d9d924583139e6f89aa998b215f3a7516cafc5e448c64e8cde29361e5
845269483abcd5c6fadaed7ce8f503165db4f2db1045361f60e5e5b669f4ba4f
85b858c0d849f48e6f39a5e76b0ffd672135822f87d0b1ac4d643931e862e912
8b3ecc577e9722ca0bb5fd08ce6e5b800b114001af146f2a03865ab2859e9eb1
9353a3bbd5a26c02cc3014fcb55f262e233f9b875b4d91ba012deca8a76e0f07
96a6001a342e4c3f87e5bf80a35541f4967c0a2d94eb185d030a752d5b05f645
97a93f703234d95ced11934ff8da8333d27ff6974f79ce4f56c3f6af5e49b2e2
98798d0e87b53006f4a5e5225a1c3f968075937b75aa0d7cca0506bda9063e55
9e440a6c0b5763ba950460f55d677ca052ef1645ae0755d343d7d72c527146a5
9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355
9f76fca582f32f2da3a5f6c1fbfd29f75a599227fc58c9a3acde24fd25550246
a138c249b501af8ef53ac907a5cc8f9ba7a7a75b35d7c4cd4951eda4c4aa6e54
aad18b84e34e15f9dddf39cc08a040e557bce50512b8689f3f7faae963f1429f
b115b87838e7ec037b880f4f0b3243546ca34e849b07e2e37129eabb753d8aa7
b45e3445db9d89e055c30a7fc09e90ecfdc0f6971d65113033beb474f7f6bb01
b6dae59b1696ffa3e74d2a5ea01c460be556d5a8cbb399c73cbcd765b812d251
ba7142b67a35b355665658ebc3e6a70f2ec8eef6cabf0df2605d87ae469a05cb
c5c82d07f8585f9fb204c3e7ad772d144ee04022adcaab154b1c7b535a4803bf
c5d31fa83d4c162e09ed29f5943a3bd32925a4f60f90adc7a91083e7d077dee2
c678f7ebeaf42ae73a6b84255ed78e47baa5f2fa1718892dd24d5064bfe67117
c99d11cb4960d6e1918ed55d5bcbb316d38b51098e2efc1201904d7274d3273e
cba8dab9146aa4c7695c71ec3c6dd57b5e7c3c26cf53709866aa9ca7da1de491
cbd38f4d44ad316257c6d3179f980798a97688e6ff1df6d94f66cad4b46945a7
d3b6086fc1ebac05142d14fbf04500c346db14ec84fa2d244ca7265e55df0625
dad70b7676cc28cac775ec7c5063ab0f81fe7f63bd6ff2ecb708cd4508675ad3
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dfef3b3b725657391e24cf6811a83b43162d15068bc0ce8544e88f06512b9450
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51d180997efe01b05d525240cff9025620bf4cc3b34487c6890742a2b1ed7d4
e7b8b47c2e1dbda0ccfb9d5b4e71ac859d165493f408bfe746325e0d929a3921
e879f79cf3432a5c0e30fe7ff7bbbccf97fb8adf675ea88a3349f22936b73a9d
e9031a39081de0fc883595e173b04e5ecf8d5320e8ca60ed8fd95b44f3e2676f
ed8be858616fadd04b8af9579ce6bd3b62a54b50d930b530dce028aef297f716
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e95c3c56d79dd5f88d2bd71e644847e54f09230c790fce8f404577b6ac581f
f861bad7e2c91ffabeed5b2eceeb943001ebe1c4ff4fa131a2b574e1a6c34b1a
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fe04a9dc88d3f3be8d4f6bc63a9a80f45a4c6d8460e7551dab849457c091920a
fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c
ff95cae331e15782a6bf52e6420f680468e814292683674e664de85228388ab2