sso.group-ib.com Open in urlscan Pro
94.130.48.226 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bt.group-ib.com/taxii/services/poll
Effective URL:
https://sso.group-ib.com/
Submission Tags: falconsandbox
Submission: On June 03 via api (June 3rd 2021, 6:46:27 am UTC) from US

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 13 HTTP transactions. The main IP is 94.130.48.226, located in Bad Orb, Germany and belongs to HETZNER-AS, DE. The main domain is sso.group-ib.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 1st 2020. Valid for: a year.

This is the only time sso.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	148.251.221.102 148.251.221.102	24940 (HETZNER-AS) (HETZNER-AS)
2 15	94.130.48.226 94.130.48.226	24940 (HETZNER-AS) (HETZNER-AS)
13	1

2 148.251.221.102 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: bt.group-ib.com

bt.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 94.130.48.226 (Bad Orb, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.226.48.130.94.clients.your-server.de

sso.group-ib.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	group-ib.com 4 redirects bt.group-ib.com sso.group-ib.com	3 MB
13	1

	Domain	Requested by
15	sso.group-ib.com	2 redirects sso.group-ib.com
2	bt.group-ib.com	2 redirects
13	2

This site contains links to these domains. Also see Links.

Domain
group-ib.com
www.group-ib.com

Subject Issuer	Validity	Valid
*.group-ib.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-01` - `2021-07-04`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://sso.group-ib.com/
Frame ID: BAC88C05CADF5946A73DF37F68C8A7A3
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://bt.group-ib.com/taxii/services/poll HTTP 301
https://bt.group-ib.com/taxii/services/poll HTTP 302
https://sso.group-ib.com/forbidden/ci HTTP 302
http://sso.group-ib.com/ HTTP 301
https://sso.group-ib.com/ Page URL

Page Statistics

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

2573 kB
Transfer

2570 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://group-ib.com/

Search URL Search Domain Scan URL

URL: https://www.group-ib.com/tds.html
Title: Try demo

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bt.group-ib.com/taxii/services/poll HTTP 301
https://bt.group-ib.com/taxii/services/poll HTTP 302
https://sso.group-ib.com/forbidden/ci HTTP 302
http://sso.group-ib.com/ HTTP 301
https://sso.group-ib.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response sso.group-ib.com/ Redirect Chain http://bt.group-ib.com/taxii/services/poll https://bt.group-ib.com/taxii/services/poll https://sso.group-ib.com/forbidden/ci http://sso.group-ib.com/ https://sso.group-ib.com/	3 KB 1 KB	75ms 75ms	Document text/html	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / PHP/7.4.18 Resource Hash `13ab246e98d7288d3147a84cf94f4660bbf654e0d4758141321770757207c9d8` Request headers :method GET :authority sso.group-ib.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server istio-envoy date Thu, 03 Jun 2021 06:46:10 GMT content-type text/html; charset=UTF-8 content-length 1483 allow GET cache-control max-age=0, must-revalidate, private content-encoding gzip expires Thu, 03 Jun 2021 06:46:10 GMT x-powered-by PHP/7.4.18 x-envoy-upstream-service-time 36 Redirect headers location https://sso.group-ib.com/ date Thu, 03 Jun 2021 06:46:10 GMT server istio-envoy content-length 0
GET H2	200	2.8b295a65.chunk.css sso.group-ib.com/static/css/	50 KB 50 KB	112ms 111ms	Stylesheet text/css	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/static/css/2.8b295a65.chunk.css Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `58a85b3a2da321f7ab59cfc54972176466c3678445bc208fe242a8f1421bf3aa` Request headers :path /static/css/2.8b295a65.chunk.css pragma no-cache cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority sso.group-ib.com referer https://sso.group-ib.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://sso.group-ib.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:10 GMT last-modified Fri, 14 May 2021 14:36:14 GMT server istio-envoy etag "609e8ade-c7ec" content-type text/css x-envoy-upstream-service-time 12 accept-ranges bytes content-length 51180
GET H2	200	main.5c1adad1.chunk.css sso.group-ib.com/static/css/	10 KB 10 KB	48ms 47ms	Stylesheet text/css	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `e91dab340da6e3ca27d8e7936c5b295c90b4a924d05c1a5f792628bd75de2806` Request headers :path /static/css/main.5c1adad1.chunk.css pragma no-cache cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority sso.group-ib.com referer https://sso.group-ib.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://sso.group-ib.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:10 GMT last-modified Fri, 14 May 2021 14:36:14 GMT server istio-envoy etag "609e8ade-298d" content-type text/css x-envoy-upstream-service-time 7 accept-ranges bytes content-length 10637
GET H2	200	main_114_20082214_601_1817.js Show response sso.group-ib.com/js/	284 KB 284 KB	46ms 45ms	Script application/javascript	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/js/main_114_20082214_601_1817.js Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `81f8ab7f66624b896e4189edfdf0441a1f6990ffab82ff31978eb2448263ad22` Request headers :path /js/main_114_20082214_601_1817.js pragma no-cache cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso.group-ib.com referer https://sso.group-ib.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://sso.group-ib.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:10 GMT last-modified Tue, 25 May 2021 13:24:08 GMT server istio-envoy etag "60acfa78-46f61" content-type application/javascript x-envoy-upstream-service-time 7 accept-ranges bytes content-length 290657
GET H2	200	2.265a2aef.chunk.js Show response sso.group-ib.com/static/js/	385 KB 385 KB	85ms 84ms	Script application/javascript	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/static/js/2.265a2aef.chunk.js Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `fdac8116dc77405ba0818150d9b4d3cb6f81946040c1952e219912e3e4dbf23b` Request headers :path /static/js/2.265a2aef.chunk.js pragma no-cache cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso.group-ib.com referer https://sso.group-ib.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://sso.group-ib.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:10 GMT last-modified Fri, 14 May 2021 17:19:55 GMT server istio-envoy etag "609eb13b-602ae" content-type application/javascript x-envoy-upstream-service-time 9 accept-ranges bytes content-length 393902
GET H2	200	main.e249ac56.chunk.js Show response sso.group-ib.com/static/js/	95 KB 96 KB	67ms 67ms	Script application/javascript	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/static/js/main.e249ac56.chunk.js Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `f654f8808db8ba87a355b99a60ad87e48e54e3114d58abefdcafe87d3505e675` Request headers :path /static/js/main.e249ac56.chunk.js pragma no-cache cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority sso.group-ib.com referer https://sso.group-ib.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://sso.group-ib.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:10 GMT last-modified Fri, 28 May 2021 12:25:21 GMT server istio-envoy etag "60b0e131-17d5e" content-type application/javascript x-envoy-upstream-service-time 7 accept-ranges bytes content-length 97630
GET H2	200	Roboto-Bold.ee7b96fa.ttf sso.group-ib.com/static/media/	167 KB 167 KB	55ms 55ms	Font application/octet-stream	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/static/media/Roboto-Bold.ee7b96fa.ttf Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86` Request headers sec-fetch-mode cors origin https://sso.group-ib.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 :path /static/media/Roboto-Bold.ee7b96fa.ttf pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept / cache-control no-cache :authority sso.group-ib.com referer https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css :scheme https sec-fetch-site same-origin :method GET Origin https://sso.group-ib.com Referer https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:11 GMT last-modified Fri, 09 Apr 2021 14:13:42 GMT server istio-envoy etag "60706116-29b08" content-type application/octet-stream x-envoy-upstream-service-time 11 accept-ranges bytes content-length 170760
GET H2	200	Roboto-Regular.3e1af3ef.ttf sso.group-ib.com/static/media/	168 KB 168 KB	49ms 49ms	Font application/octet-stream	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/static/media/Roboto-Regular.3e1af3ef.ttf Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95` Request headers sec-fetch-mode cors origin https://sso.group-ib.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 :path /static/media/Roboto-Regular.3e1af3ef.ttf pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept / cache-control no-cache :authority sso.group-ib.com referer https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css :scheme https sec-fetch-site same-origin :method GET Origin https://sso.group-ib.com Referer https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:11 GMT last-modified Fri, 09 Apr 2021 14:13:42 GMT server istio-envoy etag "60706116-29e9c" content-type application/octet-stream x-envoy-upstream-service-time 6 accept-ranges bytes content-length 171676
GET H2	200	Roboto-Medium.d0884059.ttf sso.group-ib.com/static/media/	168 KB 168 KB	45ms 45ms	Font application/octet-stream	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/static/media/Roboto-Medium.d0884059.ttf Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68` Request headers sec-fetch-mode cors origin https://sso.group-ib.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 :path /static/media/Roboto-Medium.d0884059.ttf pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept / cache-control no-cache :authority sso.group-ib.com referer https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css :scheme https sec-fetch-site same-origin :method GET Origin https://sso.group-ib.com Referer https://sso.group-ib.com/static/css/main.5c1adad1.chunk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:11 GMT last-modified Fri, 09 Apr 2021 14:13:42 GMT server istio-envoy etag "60706116-2a020" content-type application/octet-stream x-envoy-upstream-service-time 3 accept-ranges bytes content-length 172064
GET H2	200	TI.b9ebd0f0.png sso.group-ib.com/static/media/	592 KB 593 KB	44ms 44ms	Image image/png	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sso.group-ib.com/static/media/TI.b9ebd0f0.png Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `09a369e7d3f02fc409cc737d1548bf380911f11568e9bd9c21f224739ca35848` Request headers :path /static/media/TI.b9ebd0f0.png pragma no-cache cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority sso.group-ib.com referer https://sso.group-ib.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://sso.group-ib.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:11 GMT last-modified Fri, 14 May 2021 14:36:14 GMT server istio-envoy etag "609e8ade-93efe" content-type image/png x-envoy-upstream-service-time 6 accept-ranges bytes content-length 605950
GET H2	200	idgib-w-sso Show response sso.group-ib.com/api/fl/	205 B 617 B	244ms 243ms	XHR text/plain	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/api/fl/idgib-w-sso Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/js/main_114_20082214_601_1817.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `303e9a76f505039f55f1ba5147d6cc83409906adcfb9fee2024795d6e98ae8a3` Request headers sec-fetch-mode cors accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty cookie PHPSESSID=4d891abad9002592d3512d6b848152f7 :path /api/fl/idgib-w-sso pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 x-cfids - accept / cache-control no-cache :authority sso.group-ib.com referer https://sso.group-ib.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://sso.group-ib.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 x-cfids - Response headers date Thu, 03 Jun 2021 06:46:11 GMT content-encoding gzip server istio-envoy etag W/"6dmc3cEjPe0xZmL1JvSJqbgSQPwThjD+9oPHXwU+aXtN8qAUjhYC4tLfCD0vfjctzTtHzSbMPpiHjdmg+OSMQPPbxTnzkcgQpr6eCFgEhSDTlc8rjmtumJ8pLH7aEJs6zNgxhFtf5SXAIGgmzXr34KDF" vary Accept-Encoding,Accept-Encoding content-type text/plain; charset=utf-8 cache-control no-cache x-envoy-upstream-service-time 204 set-cookie cfidsgib-w-sso=6dmc3cEjPe0xZmL1JvSJqbgSQPwThjD+9oPHXwU+aXtN8qAUjhYC4tLfCD0vfjctzTtHzSbMPpiHjdmg+OSMQPPbxTnzkcgQpr6eCFgEhSDTlc8rjmtumJ8pLH7aEJs6zNgxhFtf5SXAIGgmzXr34KDF; Path=/; Expires=Fri, 03 Jun 2022 06:46:11 GMT; Secure; SameSite=None
POST H2	200	fl Show response sso.group-ib.com/api/	677 B 957 B	202ms 202ms	XHR text/plain	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sso.group-ib.com/api/fl?u=2008221405&mv=2&cfidsgib-w-sso=6dmc3cEjPe0xZmL1JvSJqbgSQPwThjD%2B9oPHXwU%2BaXtN8qAUjhYC4tLfCD0vfjctzTtHzSbMPpiHjdmg%2BOSMQPPbxTnzkcgQpr6eCFgEhSDTlc8rjmtumJ8pLH7aEJs6zNgxhFtf5SXAIGgmzXr34KDF Requested by Host: sso.group-ib.com URL: https://sso.group-ib.com/js/main_114_20082214_601_1817.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `e5d948e8b6edf52d12b778eab68091097af43c8a04a69d5ec928ac914dfcfa60` Request headers sec-fetch-mode cors origin https://sso.group-ib.com accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty cookie PHPSESSID=4d891abad9002592d3512d6b848152f7; cfidsgib-w-sso=6dmc3cEjPe0xZmL1JvSJqbgSQPwThjD+9oPHXwU+aXtN8qAUjhYC4tLfCD0vfjctzTtHzSbMPpiHjdmg+OSMQPPbxTnzkcgQpr6eCFgEhSDTlc8rjmtumJ8pLH7aEJs6zNgxhFtf5SXAIGgmzXr34KDF; cfidsgib-w-sso=6dmc3cEjPe0xZmL1JvSJqbgSQPwThjD+9oPHXwU+aXtN8qAUjhYC4tLfCD0vfjctzTtHzSbMPpiHjdmg+OSMQPPbxTnzkcgQpr6eCFgEhSDTlc8rjmtumJ8pLH7aEJs6zNgxhFtf5SXAIGgmzXr34KDF; cfidsgib-w-sso=6dmc3cEjPe0xZmL1JvSJqbgSQPwThjD+9oPHXwU+aXtN8qAUjhYC4tLfCD0vfjctzTtHzSbMPpiHjdmg+OSMQPPbxTnzkcgQpr6eCFgEhSDTlc8rjmtumJ8pLH7aEJs6zNgxhFtf5SXAIGgmzXr34KDF; __zzatgib-w-sso=MDA0dBA=Fz2+aQ==; __zzatgib-w-sso=MDA0dBA=Fz2+aQ== content-length 4308 :path /api/fl?u=2008221405&mv=2&cfidsgib-w-sso=6dmc3cEjPe0xZmL1JvSJqbgSQPwThjD%2B9oPHXwU%2BaXtN8qAUjhYC4tLfCD0vfjctzTtHzSbMPpiHjdmg%2BOSMQPPbxTnzkcgQpr6eCFgEhSDTlc8rjmtumJ8pLH7aEJs6zNgxhFtf5SXAIGgmzXr34KDF pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type text/plain;charset=UTF-8 accept / cache-control no-cache :authority sso.group-ib.com referer https://sso.group-ib.com/ :scheme https sec-fetch-site same-origin :method POST Referer https://sso.group-ib.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 03 Jun 2021 06:46:12 GMT content-encoding gzip server istio-envoy vary Accept-Encoding,Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin https://sso.group-ib.com cache-control no-store access-control-allow-credentials true x-envoy-upstream-service-time 162 set-cookie cfidsgib-w-sso=PkbaSBkLg0z3FPS9b80LDy3U3kbI+HGCJyqme/LTi4DQtTIsTjex0oDzsSTbs4xu8wkUKocU7J+up209CaVuMAQO3TFGxCR3jWj+8L/6P0tRg1j0sNIZ0LC2tllsSo3LM7vgdQeR4DAJFudaZsXa/iZjFrTFmn9QkFZm; Path=/; Expires=Fri, 03 Jun 2022 06:46:12 GMT; Secure; SameSite=None gssc114=; Path=/; Expires=Thu, 03 Jun 2021 06:46:22 GMT; Secure; SameSite=None access-control-allow-headers Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids
GET H2	200	TDS.32301d03.png sso.group-ib.com/static/media/	647 KB 648 KB	43ms 43ms	Image image/png	94.130.48.226 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sso.group-ib.com/static/media/TDS.32301d03.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.130.48.226 Bad Orb, Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.226.48.130.94.clients.your-server.de Software istio-envoy / Resource Hash `171bb62a59e8df4de1b4bea59861f19e9498adaa4de9f353abcca70ef2cfa393` Request headers :path /static/media/TDS.32301d03.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority sso.group-ib.com referer https://sso.group-ib.com/ :scheme https sec-fetch-site same-origin :method GET Referer https://sso.group-ib.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 03 Jun 2021 06:46:18 GMT last-modified Fri, 09 Apr 2021 14:13:42 GMT server istio-envoy etag "60706116-a1db5" content-type image/png x-envoy-upstream-service-time 5 accept-ranges bytes content-length 662965

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			sso.group-ib.com/	1970-01-19 18:46:29	Name: PHPSESSID Value: 4d891abad9002592d3512d6b848152f7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bt.group-ib.com
sso.group-ib.com
148.251.221.102
94.130.48.226
09a369e7d3f02fc409cc737d1548bf380911f11568e9bd9c21f224739ca35848
13ab246e98d7288d3147a84cf94f4660bbf654e0d4758141321770757207c9d8
171bb62a59e8df4de1b4bea59861f19e9498adaa4de9f353abcca70ef2cfa393
303e9a76f505039f55f1ba5147d6cc83409906adcfb9fee2024795d6e98ae8a3
58a85b3a2da321f7ab59cfc54972176466c3678445bc208fe242a8f1421bf3aa
79e851404657dac2106b3d22ad256d47824a9a5765458edb72c9102a45816d95
7d0b991ee3e0be7af01ad7ea8cd2beea6c00a25e679a0226b6737f079aafff86
81f8ab7f66624b896e4189edfdf0441a1f6990ffab82ff31978eb2448263ad22
e5d948e8b6edf52d12b778eab68091097af43c8a04a69d5ec928ac914dfcfa60
e91dab340da6e3ca27d8e7936c5b295c90b4a924d05c1a5f792628bd75de2806
f205cc511821ea56078a105557fcea6253129404d411c997e1866fbd006abb68
f654f8808db8ba87a355b99a60ad87e48e54e3114d58abefdcafe87d3505e675
fdac8116dc77405ba0818150d9b4d3cb6f81946040c1952e219912e3e4dbf23b

sso.group-ib.com Open in urlscan Pro 94.130.48.226 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

13 Requests

100 %HTTPS

0 %IPv6

1 Domains

2 Subdomains

1 IPs

1 Countries

2573 kBTransfer

2570 kBSize

1 Cookies

2 Outgoing links

Page URL History

Redirected requests

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

1 Cookies

Indicators

sso.group-ib.com Open in urlscan Pro
94.130.48.226 Public Scan

Screenshot
Live screenshot

Full Image

13
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

2
Subdomains

1
IPs

1
Countries

2573 kB
Transfer

2570 kB
Size

1
Cookies

13 HTTP transactions
0 data transactions