Group-IB Intelligence

the group ib intelligence connector enables seamless integration with swimlane turbine, allowing users to access a wide range of cyber threat intelligence directly within their security automation workflows group ib intelligence is a comprehensive threat intelligence platform that provides actionable insights into cyber threats and fraud by integrating with swimlane turbine, users can automate the retrieval of intelligence data such as compromised credentials, phishing campaigns, and indicators of compromise (iocs) this connector enables security teams to enhance their threat detection and response capabilities by leveraging group ib's extensive dark web monitoring and analysis the streamlined access to group ib's intelligence within swimlane turbine's low code environment empowers users to proactively defend against evolving cyber threats and reduce incident response times prerequisites to effectively utilize the group ib intelligence connector within swimlane turbine, ensure you have the following prerequisites http basic authentication with the following parameters url the endpoint url for the group ib intelligence api username your group ib intelligence account username api key a valid api key provided by group ib intelligence for secure access asset the group ib connector requires username and api key group ib accepts connections only from whitelisted ip addresses if a customer is using swimlane on cloud solution, they should contact the swimlane infrastructure team to get the public ips of the instance and whitelist them in group ib portal group ib has strict rate limiting and raises 429 client error too many requests for url the customer should wait for at least 15sec before making another request capabilities the group ib intelligence connector provides the following capabilities get access get account group get bank card group get breached get discord get git repository get ioc common list get masked card get messenger get phishing info get phishing kit info get public leak get reaper get updated items(apt threat) get updated items(ioccommon) and so on notes api documentation https //tap group ib com/hc/api configurations http basic authentication authenticates using username and password configuration parameters parameter description type required url a url to the target host string required username username string required password api key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions get access retrieve the latest compromised data intelligence from dark web marketplaces using group ib intelligence endpoint url /api/v2/compromised/access/updated method get input argument name type required description parameters sequpdate number optional sequence update number parameters limit number optional limit the amount of returned data for this collection parameters apply hunting rules number optional parameters for the get access action input example {"parameters" {"sequpdate" 0,"limit" 10,"apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items accesstype string type of the resource items cnc object output field items cnc items cnc cnc string output field items cnc cnc items cnc domain string output field items cnc domain items cnc ipv4 object output field items cnc ipv4 items cnc ipv4 asn string output field items cnc ipv4 asn items cnc ipv4 city string output field items cnc ipv4 city items cnc ipv4 countrycode string output field items cnc ipv4 countrycode items cnc ipv4 countryname string name of the resource items cnc ipv4 ip string output field items cnc ipv4 ip items cnc ipv4 provider string unique identifier items cnc ipv4 region string output field items cnc ipv4 region items cnc ipv6 object output field items cnc ipv6 items cnc ipv6 asn string output field items cnc ipv6 asn items cnc ipv6 city string output field items cnc ipv6 city items cnc ipv6 countrycode string output field items cnc ipv6 countrycode items cnc ipv6 countryname string name of the resource items cnc ipv6 ip string output field items cnc ipv6 ip items cnc ipv6 provider string unique identifier items cnc ipv6 region string output field items cnc ipv6 region items cnc url string url endpoint for the request items datecompromised string output field items datecompromised output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"items" \[{}],"count" 1}} get account group retrieve the latest account group information from group ib intelligence for up to date data access endpoint url /api/v2/compromised/account group/updated method get input argument name type required description parameters sequpdate number optional sequence update number parameters limit number optional limit the amount of returned data for this collection parameters apply hunting rules number optional parameters for the get account group action input example {"parameters" {"sequpdate" 0,"limit" 10,"apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items datefirstcompromised string output field items datefirstcompromised items datefirstseen string output field items datefirstseen items datelastcompromised string output field items datelastcompromised items datelastseen string output field items datelastseen items displayoptions object output field items displayoptions items evaluation object output field items evaluation items evaluation admiraltycode string output field items evaluation admiraltycode items evaluation credibility number output field items evaluation credibility items evaluation reliability number output field items evaluation reliability items evaluation severity string output field items evaluation severity items evaluation tlp string output field items evaluation tlp items evaluation ttl number output field items evaluation ttl items eventcount number count value items events array output field items events items events client object output field items events client items events client ipv4 object output field items events client ipv4 items events client ipv4 asn string output field items events client ipv4 asn items events client ipv4 city string output field items events client ipv4 city items events client ipv4 countrycode string output field items events client ipv4 countrycode items events client ipv4 countryname string name of the resource items events client ipv4 ip string output field items events client ipv4 ip items events client ipv4 provider string unique identifier output example {"items" \[{"datefirstcompromised" "string","datefirstseen" "string","datelastcompromised" "string","datelastseen" "string","displayoptions" {},"evaluation" {},"eventcount" 123,"events" \[],"id" "12345678 1234 1234 1234 123456789abc","login" "string","malware" \[],"parsedlogin" {},"password" "string","port" 123,"sequpdate" 123}],"count" 123} get bank card group retrieve grouped data on compromised bank cards from various sources as collected by group ib intelligence endpoint url /api/v2/compromised/bank card group/updated method get input argument name type required description parameters sequpdate number optional parameters for the get bank card group action parameters limit number optional parameters for the get bank card group action parameters apply hunting rules number optional parameters for the get bank card group action input example {"parameters" {"sequpdate" 0,"limit" 10,"apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items basename string name of the resource items cardinfo object output field items cardinfo items cardinfo bin array output field items cardinfo bin items cardinfo issuer object output field items cardinfo issuer items cardinfo issuer countrycode string output field items cardinfo issuer countrycode items cardinfo issuer countryname string name of the resource items cardinfo issuer issuer string output field items cardinfo issuer issuer items cardinfo number string output field items cardinfo number items cardinfo system string output field items cardinfo system items cardinfo type string type of the resource items datefirstcompromised string output field items datefirstcompromised items datefirstseen string output field items datefirstseen items datelastcompromised string output field items datelastcompromised items datelastseen string output field items datelastseen items displayoptions object output field items displayoptions items evaluation object output field items evaluation items evaluation admiraltycode string output field items evaluation admiraltycode items evaluation credibility number output field items evaluation credibility items evaluation reliability number output field items evaluation reliability items evaluation severity string output field items evaluation severity items evaluation tlp string output field items evaluation tlp items evaluation ttl number output field items evaluation ttl output example {"items" \[{"basename" "example name","cardinfo" {},"datefirstcompromised" "string","datefirstseen" "string","datelastcompromised" "string","datelastseen" "string","displayoptions" {},"evaluation" {},"eventcount" 123,"events" \[],"id" "12345678 1234 1234 1234 123456789abc","malware" \[],"sequpdate" 123,"servicecode" "string","source" \[]}],"count" 123} get breached obtain a list of breached items from group ib intelligence, offering insights into compromised data endpoint url /api/v2/compromised/breached method get input argument name type required description parameters q string optional search query parameters df string optional date from parameters dt string optional date to parameters limit number optional limit the number of results parameters resultid string optional result id is to get the next data chunk parameters apply hunting rules number optional parameters for the get breached action input example {"parameters" {"q" "test","df" "2019 08 20t14 15 22z","dt" "2019 08 24t14 15 22z","limit" 10,"resultid" "1234567890","apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase resultid string unique identifier items array output field items items addinfo object output field items addinfo items email array output field items email items evaluation object output field items evaluation items evaluation admiraltycode string output field items evaluation admiraltycode items evaluation credibility number output field items evaluation credibility items evaluation reliability number output field items evaluation reliability items evaluation severity string output field items evaluation severity items evaluation tlp string output field items evaluation tlp items evaluation ttl number output field items evaluation ttl items id array unique identifier items leakname string name of the resource items password array output field items password items updatetime string time value items uploadtime string time value count number count value output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"resultid" "1234567890","items" \[{}],"count" 0}} get discord retrieve discord related threat intelligence data from group ib intelligence, with no specific input parameters needed endpoint url /api/v2/compromised/discord/updated method get input argument name type required description parameters sequpdate number optional sequence update number parameters limit number optional limit the amount of returned data for this collection parameters apply hunting rules number optional parameters for the get discord action input example {"parameters" {"sequpdate" 0,"limit" 10,"apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items author object output field items author items author avatar string output field items author avatar items author discriminator string output field items author discriminator items author id string unique identifier items author name string name of the resource items channel object output field items channel items channel avatar string output field items channel avatar items channel description object output field items channel description items channel description topic string output field items channel description topic items channel id string unique identifier items channel name string name of the resource items channel parsedcounters object output field items channel parsedcounters items channel parsedcounters channels number output field items channel parsedcounters channels items channel parsedcounters domain number output field items channel parsedcounters domain items channel parsedcounters files number output field items channel parsedcounters files items channel parsedcounters ip number output field items channel parsedcounters ip items channel parsedcounters links number output field items channel parsedcounters links items channel parsedcounters media number output field items channel parsedcounters media items channel server string output field items channel server items channel serverid string unique identifier items channel stat object output field items channel stat items channel stat firstmessagedate string response message output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"items" \[{}],"count" 1}} get git repository retrieve the latest updates from a specified git repository within the group ib intelligence platform endpoint url /api/v2/osi/git repository/updated method get input argument name type required description parameters sequpdate number optional sequence update number parameters limit number optional limit the amount of returned data for this collection parameters apply hunting rules number optional parameters for the get git repository action input example {"parameters" {"sequpdate" 0,"limit" 10,"apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items contributors array output field items contributors items contributors authoremail string output field items contributors authoremail items contributors authorname string name of the resource items datafound object response data items datafound property1 number response data items datafound property2 number response data items datecreated string output field items datecreated items datedetected string output field items datedetected items evaluation object output field items evaluation items evaluation admiraltycode string output field items evaluation admiraltycode items evaluation credibility number output field items evaluation credibility items evaluation reliability number output field items evaluation reliability items evaluation severity string output field items evaluation severity items evaluation tlp string output field items evaluation tlp items evaluation ttl number output field items evaluation ttl items files array output field items files items files datafound object response data items files datecreated string output field items files datecreated items files datedetected string output field items files datedetected items files evaluation object output field items files evaluation items files evaluation admiraltycode string output field items files evaluation admiraltycode items files evaluation credibility number output field items files evaluation credibility output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"items" \[{}],"count" 1}} get ioc common list retrieve a list of common indicators of compromise (iocs) from group ib intelligence endpoint url api/v2/ioc/common method get input argument name type required description parameters q string optional parameters for the get ioc common list action parameters df string optional parameters for the get ioc common list action parameters dt string optional parameters for the get ioc common list action parameters resultid string optional parameters for the get ioc common list action input example {"parameters" {"q" "string","df" "string","dt" "string","resultid" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase resultid string unique identifier items array output field items items threatactorlist array output field items threatactorlist items threatactorlist id string unique identifier items threatactorlist isapt boolean output field items threatactorlist isapt items threatactorlist name string name of the resource items datefirstseen string output field items datefirstseen items datelastseen string output field items datelastseen items domain string output field items domain items hash array output field items hash items id string unique identifier items ip array output field items ip items malwarelist array output field items malwarelist items malwarelist category array output field items malwarelist category items malwarelist class string output field items malwarelist class items malwarelist id string unique identifier items malwarelist name string name of the resource items malwarelist platform array output field items malwarelist platform items malwarelist stixguid string unique identifier items malwarelist threatlevel string output field items malwarelist threatlevel items sequpdate number date value items sources object output field items sources items sources additionalprop1 object output field items sources additionalprop1 output example {"status code" 200,"response headers" {"allow" "get","cache control" "no cache, private","content encoding" "gzip","content security policy" "frame ancestors 'self';","content type" "application/json","date" "fri, 29 sep 2023 06 22 29 gmt","feature policy" "camera 'none';microphone 'none';geolocation 'none';encrypted media 'none';paymen ","permissions policy" "camera=(),microphone=(),geolocation=(),encrypted media=(),payment=(),speaker=(), ","referrer policy" "strict origin when cross origin get masked card retrieves details on compromised masked cards from various sources within group ib intelligence endpoint url /api/v2/compromised/masked card/updated method get input argument name type required description parameters sequpdate number optional parameters for the get masked card action parameters limit number optional parameters for the get masked card action parameters apply hunting rules number optional parameters for the get masked card action input example {"parameters" {"sequpdate" 0,"limit" 10,"apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items basename string name of the resource items cardinfo object output field items cardinfo items cardinfo cvv string output field items cardinfo cvv items cardinfo dump string output field items cardinfo dump items cardinfo issuer object output field items cardinfo issuer items cardinfo issuer countrycode string output field items cardinfo issuer countrycode items cardinfo issuer countryname string name of the resource items cardinfo issuer issuer string output field items cardinfo issuer issuer items cardinfo number string output field items cardinfo number items cardinfo pin string output field items cardinfo pin items cardinfo system string output field items cardinfo system items cardinfo type string type of the resource items cardinfo validthru string unique identifier items client object output field items client items client ipv4 object output field items client ipv4 items client ipv4 asn string output field items client ipv4 asn items client ipv4 city string output field items client ipv4 city items client ipv4 countrycode string output field items client ipv4 countrycode items client ipv4 countryname string name of the resource items client ipv4 ip string output field items client ipv4 ip items client ipv4 provider string unique identifier items client ipv4 region string output field items client ipv4 region output example {"items" \[{"basename" "example name","cardinfo" {},"client" {},"cnc" {},"datecompromised" "string","datedetected" "string","evaluation" {},"externalid" "string","id" "12345678 1234 1234 1234 123456789abc","malware" {},"oldid" "string","owner" {},"price" {},"sequpdate" 123,"servicecode" "string"}],"count" 123} get messenger retrieve messenger related intelligence, including account details and associated data from group ib intelligence endpoint url /api/v2/compromised/messenger/updated method get input argument name type required description parameters sequpdate number optional sequence update number parameters limit number optional limit the amount of returned data for this collection parameters apply hunting rules number optional parameters for the get messenger action input example {"parameters" {"sequpdate" 0,"limit" 10,"apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items author object output field items author items author id string unique identifier items author username string name of the resource items chatstat object output field items chatstat items chatstat avatar object output field items chatstat avatar items chatstat avatar detected string output field items chatstat avatar detected items chatstat avatar hash string output field items chatstat avatar hash items chatstat avatar id string unique identifier items chatstat firstmessagets string response message items chatstat id number unique identifier items chatstat lastmessagets string response message items chatstat messagenum number response message items chatstat name string name of the resource items chatstat title string output field items chatstat title items chatstat type string type of the resource items chatstat usernum number output field items chatstat usernum items edits object output field items edits items highlight array output field items highlight items id string unique identifier items isreply boolean output field items isreply items lasteditts string output field items lasteditts items message string response message output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"items" \[{}],"count" 1}} get phishing retrieve detailed phishing campaign data from group ib intelligence, including threat actor details and attack vectors endpoint url api/v2/attacks/phishing method get input argument name type required description parameters q string optional parameters for the get phishing action parameters df string optional parameters for the get phishing action parameters dt string optional parameters for the get phishing action parameters resultid string optional parameters for the get phishing action input example {"parameters" {"q" "string","df" "string","dt" "string","resultid" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase resultid string unique identifier count number count value items array output field items items file name string name of the resource items file string output field items file output example {"status code" 200,"response headers" {"allow" "get","cache control" "max age=0, must revalidate, private","content encoding" "gzip","content security policy" "frame ancestors 'self';","content type" "application/json","date" "fri, 29 sep 2023 03 57 56 gmt","expires" "fri, 29 sep 2023 03 57 56 gmt","feature policy" "camera 'none';microphone 'none';geolocation 'none';encrypted media 'none';paymen ","permissions policy" "camera=(),microphone=(),geolocation=(),encrypted media=(),payment=(),speake get phishing kit retrieve detailed information about phishing kits from group ib intelligence for analysis and threat response endpoint url api/v2/attacks/phishing kit method get input argument name type required description parameters q string optional parameters for the get phishing kit action parameters df string optional parameters for the get phishing kit action parameters dt string optional parameters for the get phishing kit action parameters resultid string optional parameters for the get phishing kit action input example {"parameters" {"q" "string","df" "string","dt" "string","resultid" "string"}} output parameter type description status code number http status code of the response reason string response reason phrase resultid string unique identifier count number count value items array output field items items datedetected string output field items datedetected items datefirstseen string output field items datefirstseen items datelastseen string output field items datelastseen items downloadedfrom array output field items downloadedfrom items downloadedfrom date string date value items downloadedfrom url string url endpoint for the request items downloadedfrom domain string output field items downloadedfrom domain items downloadedfrom filename object name of the resource items emails array output field items emails items evaluation object output field items evaluation items evaluation admiraltycode string output field items evaluation admiraltycode items evaluation credibility number output field items evaluation credibility items evaluation reliability number output field items evaluation reliability items evaluation severity string output field items evaluation severity items evaluation tlp string output field items evaluation tlp items evaluation ttl number output field items evaluation ttl items hash string output field items hash items id string unique identifier items isfavourite boolean output field items isfavourite items ishidden boolean unique identifier output example {"resultid" "string","count" 123,"items" \[{"datedetected" "string","datefirstseen" "string","datelastseen" "string","downloadedfrom" \[],"emails" \[],"evaluation" {},"hash" "string","id" "12345678 1234 1234 1234 123456789abc","isfavourite"\ true,"ishidden"\ true,"oldid" "string","path" "string","portallink" "string","sequpdate" 123,"targetbrand" \[]}]} get public leak retrieve details and metadata of a public data leak from group ib intelligence endpoint url /api/v2/osi/public leak/updated method get input argument name type required description parameters sequpdate number optional sequence update number parameters limit number optional limit the amount of returned data for this collection parameters apply hunting rules number optional parameters for the get public leak action input example {"parameters" {"sequpdate" 0,"limit" 10,"apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items bind array output field items bind items bind id string unique identifier items bind key string output field items bind key items bind rulevalue string value for the parameter items bind type string type of the resource items created string output field items created items data string response data items displayoptions object output field items displayoptions items evaluation object output field items evaluation items evaluation admiraltycode string output field items evaluation admiraltycode items evaluation credibility number output field items evaluation credibility items evaluation reliability number output field items evaluation reliability items evaluation severity string output field items evaluation severity items evaluation tlp string output field items evaluation tlp items evaluation ttl number output field items evaluation ttl items hash string output field items hash items id string unique identifier items language string output field items language items linklist array output field items linklist items linklist author string output field items linklist author items linklist datedetected string output field items linklist datedetected items linklist datepublished string output field items linklist datepublished output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"items" \[{}],"count" 1}} get reaper retrieve messages from the reaper collection in group ib intelligence, encompassing closed forum communications for cybercriminal attack planning endpoint url /api/v2/compromised/reaper method get input argument name type required description parameters q string optional search query parameters df string optional date from parameters dt string optional date to parameters limit number optional limit the number of results parameters resultid string optional result id is to get the next data chunk parameters apply hunting rules number optional parameters for the get reaper action input example {"parameters" {"q" "test","df" "2019 08 20t14 15 22z","dt" "2019 08 24t14 15 22z","limit" 10,"resultid" "1234567890","apply hunting rules" 1}} output parameter type description status code number http status code of the response reason string response reason phrase resultid string unique identifier items array output field items items id string unique identifier items topic string output field items topic items topichash string output field items topichash items message string response message items message hash string response message items lang object output field items lang items lang detected string output field items lang detected items lang confidence number unique identifier items message lang object response message items message lang detected string response message items message lang confidence number unique identifier items message len number response message items datetime string time value items last post string output field items last post items first post boolean output field items first post items forum string output field items forum items domain string output field items domain items url string url endpoint for the request items nickname string name of the resource items nicknameurl string url endpoint for the request items uploadtime string time value output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"resultid" "res 7fa921bc","items" \[{}],"count" 1}} get updated items apt threat retrieve the latest apt threat intelligence updates from group ib intelligence endpoint url api/v2/apt/threat/updated method get input argument name type required description parameters limit number optional parameters for the get updated items apt threat action input example {"parameters" {"limit" 25}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items contacts array output field items contacts items contacts account string count value items contacts flag string output field items contacts flag items contacts service string output field items contacts service items contacts type string type of the resource items countries string output field items countries items createdat string output field items createdat items cvelist array output field items cvelist items cvelist name string name of the resource items datefirstseen string output field items datefirstseen items datelastseen string output field items datelastseen items datepublished string output field items datepublished items description string output field items description items displayoptions object output field items displayoptions items evaluation object output field items evaluation items evaluation admiraltycode string output field items evaluation admiraltycode items evaluation credibility number output field items evaluation credibility items evaluation reliability number output field items evaluation reliability items evaluation severity string output field items evaluation severity items evaluation tlp string output field items evaluation tlp items evaluation ttl number output field items evaluation ttl items expertise array output field items expertise output example {"status code" 200,"response headers" {"cache control" "no cache, private","content encoding" "gzip","content security policy" "frame ancestors 'self';","content type" "application/json","date" "tue, 09 jan 2024 09 06 07 gmt","feature policy" "camera 'none';microphone 'none';geolocation 'none';encrypted media 'none';paymen ","permissions policy" "camera=(),microphone=(),geolocation=(),encrypted media=(),payment=(),speaker=(), ","referrer policy" "strict origin when cross origin","server" "is get updated items ioccommon retrieve the latest updates for ioccommon items from group ib intelligence, ensuring current threat intelligence endpoint url api/v2/ioc/common/updated method get input argument name type required description parameters sequpdate number optional parameters for the get updated items ioccommon action parameters limit number optional parameters for the get updated items ioccommon action input example {"parameters" {"sequpdate" 1,"limit" 25}} output parameter type description status code number http status code of the response reason string response reason phrase items array output field items items threatactorlist array output field items threatactorlist items threatactorlist id string unique identifier items threatactorlist isapt boolean output field items threatactorlist isapt items threatactorlist name string name of the resource items datefirstseen string output field items datefirstseen items datelastseen string output field items datelastseen items domain string output field items domain items hash array output field items hash items id string unique identifier items ip array output field items ip items malwarelist array output field items malwarelist items malwarelist category array output field items malwarelist category items malwarelist class string output field items malwarelist class items malwarelist id string unique identifier items malwarelist name string name of the resource items malwarelist platform array output field items malwarelist platform items malwarelist stixguid string unique identifier items malwarelist threatlevel string output field items malwarelist threatlevel items sequpdate number date value items sources object output field items sources items threatlist array output field items threatlist items threatlist name string name of the resource output example {"status code" 200,"response headers" {"cache control" "no cache, private","content encoding" "gzip","content security policy" "frame ancestors 'self';","content type" "application/json","date" "tue, 09 jan 2024 09 06 07 gmt","feature policy" "camera 'none';microphone 'none';geolocation 'none';encrypted media 'none';paymen ","permissions policy" "camera=(),microphone=(),geolocation=(),encrypted media=(),payment=(),speaker=(), ","referrer policy" "strict origin when cross origin","server" "is search api retrieve search results from group ib intelligence using specified query parameters endpoint url api/v2/search method get input argument name type required description parameters q string optional parameters for the search api action parameters lang string optional parameters for the search api action input example {"parameters" {"q" "","lang" ""}} output parameter type description status code number http status code of the response reason string response reason phrase output example {"status code" 200,"response headers" {"cache control" "no cache, private","content encoding" "gzip","content security policy" "frame ancestors 'self';","content type" "application/json","date" "tue, 09 jan 2024 09 06 07 gmt","feature policy" "camera 'none';microphone 'none';geolocation 'none';encrypted media 'none';paymen ","permissions policy" "camera=(),microphone=(),geolocation=(),encrypted media=(),payment=(),speaker=(), ","referrer policy" "strict origin when cross origin","server" "is response headers header description example allow http response header allow get cache control directives for caching mechanisms max age=0, must revalidate, private content encoding http response header content encoding gzip content security policy http response header content security policy frame ancestors 'self'; content type the media type of the resource application/json date the date and time at which the message was originated fri, 29 sep 2023 03 57 56 gmt expires the date/time after which the response is considered stale fri, 29 sep 2023 03 57 56 gmt feature policy http response header feature policy camera 'none';microphone 'none';geolocation 'none';encrypted media 'none';payment 'none';speaker 'none';usb 'none'; permissions policy http response header permissions policy camera=(),microphone=(),geolocation=(),encrypted media=(),payment=(),speaker=(),usb=(), referrer policy http response header referrer policy strict origin when cross origin server information about the software used by the origin server istio envoy strict transport security http response header strict transport security max age=31536000; includesubdomains transfer encoding http response header transfer encoding chunked vary http response header vary accept encoding x content type options http response header x content type options nosniff x dns prefetch control http response header x dns prefetch control off x download options http response header x download options noopen x frame options http response header x frame options sameorigin x xss protection http response header x xss protection 1; mode=block