Submitted URL: https://lnkd.in/dYN7v_M
Effective URL: https://www.group-ib.com/media/gib-report-2020/
Submission: On November 25 via api from US

Summary

This website contacted 25 IPs in 8 countries across 20 domains to perform 105 HTTP transactions. The main IP is 178.248.235.63, which is located in the Russian Federation and belongs to QRATOR, RU. The main domain is www.group-ib.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 28th 2020. Valid for: 9 months.
This is the only time www.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 108.174.10.10 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
15 178.248.235.63 197068 (QRATOR)
3 87.240.190.78 47541 (VKONTAKTE...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
9 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f01... 32934 (FACEBOOK)
5 104.16.94.80 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
2 104.109.95.62 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:134... 15133 (EDGECAST)
3 7 2a02:6b8::1:119 13238 (YANDEX)
1 2a05:f500:11:... 14413 (LINKEDIN)
30 2606:2800:134... 15133 (EDGECAST)
6 2606:2800:233... 15133 (EDGECAST)
7 2a03:2880:f11... 32934 (FACEBOOK)
1 134.213.193.62 15395 (RACKSPACE...)
1 185.17.9.182 49505 (SELECTEL)
3 185.17.9.175 49505 (SELECTEL)
2 2606:2800:233... 15133 (EDGECAST)
1 1 104.244.42.200 13414 (TWITTER)
105 25
Domain Requested by
30 pbs.twimg.com www.group-ib.com
platform.twitter.com
15 www.group-ib.com www.group-ib.com
www.googletagmanager.com
9 platform.twitter.com www.group-ib.com
platform.twitter.com
7 www.facebook.com www.group-ib.com
connect.facebook.net
6 abs.twimg.com www.group-ib.com
platform.twitter.com
5 mc.yandex.ru 2 redirects www.group-ib.com
5 app-lon09.marketo.com www.group-ib.com
app-lon09.marketo.com
5 connect.facebook.net www.group-ib.com
connect.facebook.net
3 sbbe.group-ib.ru www.group-ib.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.group-ib.com
3 vk.com www.group-ib.com
vk.com
2 ton.twimg.com platform.twitter.com
2 mc.yandex.com 1 redirects www.group-ib.com
2 munchkin.marketo.net www.group-ib.com
munchkin.marketo.net
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
1 syndication.twitter.com 1 redirects
1 ru.id.group-ib.com www.group-ib.com
1 689-lre-818.mktoresp.com www.group-ib.com
1 px.ads.linkedin.com www.group-ib.com
1 cdn.syndication.twimg.com platform.twitter.com
1 www.google.de www.group-ib.com
1 www.google.com www.group-ib.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com www.group-ib.com
1 platform.linkedin.com www.group-ib.com
1 www.linkedin.com 1 redirects
1 lnkd.in 1 redirects
105 27
Subject | Issuer | Validity | Valid
group-ib.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-28 - 2021-06-17 | 9 months
*.vk.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-06-09 - 2022-06-10 | 2 years
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-07-03 - 2022-07-08 | 2 years
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-05 - 2021-11-09 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-11-02 - 2021-01-30 | 3 months
app-lon09.marketo.com | Cloudflare Inc ECC CA-3 | 2020-07-01 - 2021-07-01 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years
*.marketo.net | DigiCert SHA2 Secure Server CA | 2020-03-14 - 2021-04-13 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
www.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
www.google.de | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
mc.yandex.ru | Yandex CA | 2020-09-29 - 2021-03-11 | 5 months
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-08-05 - 2021-02-05 | 6 months
*.mktoresp.com | DigiCert SHA2 Secure Server CA | 2020-01-17 - 2022-01-21 | 2 years
*.id.group-ib.com | Thawte RSA CA 2018 | 2020-04-17 - 2021-04-17 | a year
*.group-ib.ru | Sectigo RSA Domain Validation Secure Server CA | 2020-09-20 - 2021-05-04 | 7 months

This page contains 10 frames:

Primary Page: https://www.group-ib.com/media/gib-report-2020/
Frame ID: 5B4F72F0B55E0732E1099C9E59D59D01
Requests: 62 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.group-ib.com
Frame ID: 151208BE00248F8FB4A49B947B6B2E75
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: 31D9215F9244EDE9B6C4631CC2E05C7A
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1331633082684887040/pcyHXMdM?format=jpg&name=600x314
Frame ID: 5A09CEACA9F6637C51D8D1F8FB8809AB
Requests: 45 HTTP requests in this frame

Frame: https://ru.id.group-ib.com/id.html
Frame ID: B56CEEB4C17E66848AD071291C807DC2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3546882da90278%26domain%3Dwww.group-ib.com%26origin%3Dhttps%253A%252F%252Fwww.group-ib.com%252Ff17662abfbcd458%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&layout=button_count&locale=ru_RU&sdk=joey&share=false&show_faces=true
Frame ID: CAC28240BE89ACF4A545421CBE8C2E7B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CB781D2DCFAF77D0178CBD4991AC6976
Requests: 1 HTTP requests in this frame

Frame: https://app-lon09.marketo.com/index.php/form/XDFrame
Frame ID: 50D62454D66848DB100FBBCAA9401C77
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 624C570B3BBCB5B719F7883332466A46
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 49F70F8278B2A74FB7C3AA753C751D91
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

105 Requests
100 % HTTPS
67 % IPv6
20 Domains
27 Subdomains
25 IPs
8 Countries
2510 kB Transfer
5437 kB Size
14 Cookies

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lnkd.in/dYN7v_M HTTP 301
    https://www.linkedin.com/slink?code=dYN7v_M HTTP 301
    https://www.group-ib.com/media/gib-report-2020/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1045%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A503326654%3Az%3A60%3Ai%3A20201125181549%3Aet%3A1606324550%3Ac%3A1%3Arn%3A134301660%3Arqn%3A1%3Au%3A1606324550110852890%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606324548447%3Ads%3A14%2C39%2C207%2C1%2C451%2C0%2C%2C465%2C3%2C%2C%2C%2C1182%3Adsn%3A13%2C40%2C206%2C1%2C451%2C0%2C%2C469%2C3%2C%2C%2C%2C1181%3Ati%3A1%3Ast%3A1606324550 HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1045%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A503326654%3Az%3A60%3Ai%3A20201125181549%3Aet%3A1606324550%3Ac%3A1%3Arn%3A134301660%3Arqn%3A1%3Au%3A1606324550110852890%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606324548447%3Ads%3A14%2C39%2C207%2C1%2C451%2C0%2C%2C465%2C3%2C%2C%2C%2C1182%3Adsn%3A13%2C40%2C206%2C1%2C451%2C0%2C%2C469%2C3%2C%2C%2C%2C1181%3Ati%3A1%3Ast%3A1606324550
Request Chain 61
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9103.DbmsAwmWHm_1GPcxNJHqUVhSR2rgF7Ybmcv3VB4FdgaYGz6MhH5fcndUFCldqoJD.VaA2m6nPd08IUG8-iukgBUwxed0%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9103.MboLGD57FLluLGi9WE6If1gaEV8U4Ii6WVQ-eLRUVpj8FWFcqMVxK6paKgp3BMbdDaBzg1fRGJPSxID5k9Mb1_87dc-KIkuKufXqm7oa5Wc%2C.hV_BOfdarUqhW_pjLHcfUi5E8lk%2C
Request Chain 113
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

105 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set /
www.group-ib.com/media/gib-report-2020/
Redirect Chain
  • https://lnkd.in/dYN7v_M
  • https://www.linkedin.com/slink?code=dYN7v_M
  • https://www.group-ib.com/media/gib-report-2020/
46 KB
16 KB
Document
General
Full URL
https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
b8604bd5c7e49a84eed6c9fab81f966e85556c8eaf806005bce35d84cc8de640
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Host
www.group-ib.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Server
QRATOR
Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Link
<https://www.group-ib.com/media/wp-json/>; rel="https://api.w.org/" <https://www.group-ib.com/media/?p=6807>; rel=shortlink
Pragma
no-cache
Set-Cookie
PHPSESSID=4hnn8lal4jjhrr1r2ajrrkad87; path=/
Strict-Transport-Security
max-age=15724800; includeSubDomains

Redirect headers

cache-control
no-cache, no-store
pragma
no-cache
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://www.group-ib.com/media/gib-report-2020/
vary
Accept-Encoding
set-cookie
bcookie="v=2&bb041499-5a94-4d64-889f-0006f556c7c5"; Domain=.linkedin.com; Expires=Sat, 26-Nov-2022 04:53:20 GMT; Path=/; Secure; SameSite=None bscookie="v=1&20201125171548abcb1131-9cf5-43d3-8f2d-f4553935a1b2AQEU6tVRZJYl9Dhbkij6jGwNDLLZDb3H"; Domain=.www.linkedin.com; Expires=Sat, 26-Nov-2022 04:53:20 GMT; Path=/; HttpOnly; Secure; SameSite=None lissc=1; Domain=.linkedin.com; Expires=Thu, 25-Nov-2021 17:15:48 GMT; Path=/; Secure; SameSite=None li_gc=MTswOzE2MDYzMjQ1NDg7MjswMjHna0smkiWGoDNGc9Kk1f4KtAYsb6KhTdcz5TlhF4yKkg==; Domain=.linkedin.com; Expires=Fri, 18 Nov 2022 17:26:06 GMT; Path=/; Secure; SameSite=None lidc="b=VGST07:s=V:r=V:g=1947:u=1:i=1606324548:t=1606410948:v=1:sig=AQGC4iiTKrQG9P9mzkf-et-pCpoZrk8n"; Expires=Thu, 26 Nov 2020 17:15:48 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-xss-protection
1; mode=block
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-frame-options
sameorigin
x-content-type-options
nosniff
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
x-li-pop
afd-prod-lva1
x-li-proto
http/2
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-uuid
zNmQnqrPShaAjMvgpCsAAA==
x-msedge-ref
Ref A: CD1D2F4494AE485488D4428852CE66B6 Ref B: FRAEDGE1312 Ref C: 2020-11-25T17:15:48Z
date
Wed, 25 Nov 2020 17:15:48 GMT
share.js
vk.com/js/api/
10 KB
4 KB
Script
General
Full URL
https://vk.com/js/api/share.js?93
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
0b28a2aa8ae2cc469fc77cde60ed83fd6176df58e4d15558e5dbbf690e8dedd8

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:49 GMT
content-encoding
gzip
x-frontend
front213210
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-dce"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
3534
expires
Sun, 29 Nov 2020 17:15:49 GMT
all-e0df8e6d.css
www.group-ib.com/stylesheets/
1 MB
206 KB
Stylesheet
General
Full URL
https://www.group-ib.com/stylesheets/all-e0df8e6d.css?ver=4.7.6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
cc2d91f3eaa2c1037b18d840715213dbb5104b015b8f9c04f0189358d12d3622
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 20:53:58 GMT
Server
QRATOR
Etag
W/"5fb2e6e6-11fe0b"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 17:15:49 GMT
style.css
www.group-ib.com/media/wp-content/themes/gib/
899 B
1 KB
Stylesheet
General
Full URL
https://www.group-ib.com/media/wp-content/themes/gib/style.css?ver=4.7.6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
95e20d6a24cc4fcf6e88ce4d1bea86310f2716a0192c6b143ae5657a3fcaa886
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Vary
Accept-Encoding
Last-Modified
Mon, 15 Apr 2019 12:35:22 GMT
Server
QRATOR
Etag
"5cb47a8a-383"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
899
Expires
Wed, 02 Dec 2020 17:15:49 GMT
jquery-96f076a3.js
www.group-ib.com/javascripts/
85 KB
35 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/jquery-96f076a3.js?ver=4.7.6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Aug 2020 21:45:03 GMT
Server
QRATOR
Etag
W/"5f3afa5f-1550b"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 17:15:49 GMT
jquery-migrate.min.js
www.group-ib.com/media/wp-includes/js/jquery/
10 KB
5 KB
Script
General
Full URL
https://www.group-ib.com/media/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Feb 2017 18:11:26 GMT
Server
QRATOR
Etag
W/"5898bc4e-2748"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 17:15:49 GMT
picturefill.min.js
www.group-ib.com/media/wp-content/plugins/wp-retina-2x/js/
11 KB
6 KB
Script
General
Full URL
https://www.group-ib.com/media/wp-content/plugins/wp-retina-2x/js/picturefill.min.js?ver=3.0.1
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
028adedcb988349acdd0154c1db43e1ed2f1ee23271c887ff2f93c4312b78fb2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Sep 2016 16:53:59 GMT
Server
QRATOR
Etag
W/"57e55e27-2c89"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 17:15:49 GMT
in.js
platform.linkedin.com/
181 KB
55 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
2c666864babd01234e141cf63de6d7144ab88d53652d619869ec3a6adbc6fae8

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
Connection
keep-alive
Content-Length
55604
X-LI-UUID
t3WjCjbPShYQPoxiZSsAAA==
Server
Play
X-Li-Pop
prod-ech2
X-CDN-CLIENT-IP-VERSION
IPV6
Vary
Accept-Encoding
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type
text/javascript; charset=UTF-8
Cache-Control
public, max-age=3600
X-LI-Proto
http/1.1
X-Li-Fabric
prod-lva1
Expires
Wed, 25 Nov 2020 18:07:28 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E9) /
Resource Hash
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1036
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28698
x-tw-cdn
VZ
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
Server
ECS (fcn/40E9)
Etag
"a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
all-3e59e9cb.js
www.group-ib.com/javascripts/
196 KB
70 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/all-3e59e9cb.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
eded72ddc3199149be1270f20297765a9a5f6071eac65a0c86d947035ba4e7ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 May 2020 11:44:17 GMT
Server
QRATOR
Etag
W/"5eb3f491-3117b"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 17:15:49 GMT
gtm.js
www.googletagmanager.com/
152 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7aa4cbfba80df455a6273f3f7ebcaa904f904640ef4f1d757c45c7bb12032ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51011
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 Nov 2020 17:15:49 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7c2c4c206afbf58c99d00b6ae13ade4da48ffda9ca822200bcdc92a61ef455d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
dw2W91RUNN2GInSW5OLE5w==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
etag
"d2c99db33979302c8485c3acda87828e"
x-fb-debug
7Yl9kEKoUWKg43UGQw0nbAXY6wqCQMf2WBt36FBi3oWzVTpP7rCd1pd98A7RFj1k4lsrLwqTcxywKR1e1NcN1g==
x-fb-trip-id
664085054
x-fb-content-md5
e0051c399305d75671d9c9f2128d4aba
x-frame-options
DENY
date
Wed, 25 Nov 2020 17:15:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Nov 2020 17:33:44 GMT
icons.svg
www.group-ib.com/images/
387 KB
140 KB
Other
General
Full URL
https://www.group-ib.com/images/icons.svg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
4b9de56ce2f53cfb77829e17f6b7e3b1a27d3ca089cff5c34646ab69eab10aa3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2020 09:59:37 GMT
Server
QRATOR
Etag
W/"5fbe2b09-60cb4"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 17:15:49 GMT
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
163cfcbd5a50639aa755d8eabd17f5d736f0d8d5a51989bd0540a05012427c9d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
main-cover126.jpg
www.group-ib.com/images/covers/
219 KB
220 KB
Image
General
Full URL
https://www.group-ib.com/images/covers/main-cover126.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
9b459480e76b0d675482760b3d9534e849ff58dca908849165a7d8595ad73622
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Last-Modified
Wed, 25 Nov 2020 14:45:15 GMT
Server
QRATOR
Etag
"5fbe6dfb-36d5a"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
224602
Expires
Wed, 02 Dec 2020 17:15:49 GMT
truncated
/
143 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad457d24d3f2048db9c3a15f3f6c129529e4d354c2325b09ad3d8ef5b4da1397

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
SFUIDisplayMedium.woff2
www.group-ib.com/fonts/
48 KB
48 KB
Font
General
Full URL
https://www.group-ib.com/fonts/SFUIDisplayMedium.woff2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
14b2afcf8da0215e557f8695dd0ffeb7af71aea988af0e528e3b0715a907e39b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Last-Modified
Mon, 08 Feb 2016 09:30:02 GMT
Server
QRATOR
Etag
"56b8601a-bf44"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/octet-stream
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
48964
Expires
Thu, 25 Nov 2021 17:15:49 GMT
SFUIDisplayLight.woff2
www.group-ib.com/fonts/
48 KB
49 KB
Font
General
Full URL
https://www.group-ib.com/fonts/SFUIDisplayLight.woff2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
68b344470a99a316db16a9e3a89db1a8ec1c5d99162a1dc96f3033241db3d106
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Last-Modified
Mon, 08 Feb 2016 09:30:02 GMT
Server
QRATOR
Etag
"56b8601a-c090"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/octet-stream
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
49296
Expires
Thu, 25 Nov 2021 17:15:49 GMT
HelveticaNeueLTW1GLt.woff2
www.group-ib.com/fonts/
26 KB
27 KB
Font
General
Full URL
https://www.group-ib.com/fonts/HelveticaNeueLTW1GLt.woff2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
396c8d58f2858e194e9d4c4a7fbab20e0017aa3576b2cc93d3beb31ebb0974df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Last-Modified
Mon, 08 Feb 2016 09:30:01 GMT
Server
QRATOR
Etag
"56b86019-6938"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/octet-stream
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
26936
Expires
Thu, 25 Nov 2021 17:15:49 GMT
SFUIDisplayThin.woff2
www.group-ib.com/fonts/
48 KB
48 KB
Font
General
Full URL
https://www.group-ib.com/fonts/SFUIDisplayThin.woff2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
a59ad2854b743e12bb04283571254154fecdc226b97b65662670768af88a7491
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Last-Modified
Mon, 08 Feb 2016 09:30:03 GMT
Server
QRATOR
Etag
"56b8601b-c040"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/octet-stream
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
49216
Expires
Thu, 25 Nov 2021 17:15:49 GMT
share.php
vk.com/
21 B
436 B
Script
General
Full URL
https://vk.com/share.php?act=count&index=0&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F
Requested by
Host: vk.com
URL: https://vk.com/js/api/share.js?93
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx / KPHP/7.4.105023
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:49 GMT
content-encoding
gzip
x-frontend
front213210
server
kittenx
x-powered-by
KPHP/7.4.105023
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
41
like_widget.png
vk.com/images/icons/
538 B
793 B
Image
General
Full URL
https://vk.com/images/icons/like_widget.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:49 GMT
x-frontend
front213210
last-modified
Tue, 22 Sep 2020 20:29:56 GMT
server
kittenx
etag
"5f6a5ec4-21a"
strict-transport-security
max-age=15768000
content-type
image/png
access-control-expose-headers
X-Frontend
cache-control
max-age=604800
accept-ranges
bytes
content-length
538
expires
Wed, 02 Dec 2020 17:15:49 GMT
truncated
/
273 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bdf008140cb9fb1f8a566f08c41e56801d474a5c4e8745073d5c32bd3b363db

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sdk.js
connect.facebook.net/ru_RU/
195 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=118d9dcb5e21ba0d88956e18eb06fc69&ua=modern_es6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-3e59e9cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ff7a0eb41c8462ce197a2d18fca55455710b0c15bbb32d4c13ffe92c3d8b7df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
etPl895TgB2CSj2BttNCWQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60159
etag
"51fc22e8d2e196538c389281946e2d3a"
x-fb-debug
vYFxr58U2DUkUXV5FtxIWoDk2dI/uGpcT3OmyNF9YVCjWnw9W/LhCorznnJ63DVShPdJHhAdsYZhz1VP0UrE9g==
x-fb-trip-id
664085054
x-fb-content-md5
69382c97ecba4c800657255cdd2d2e46
x-frame-options
DENY
date
Wed, 25 Nov 2020 17:15:49 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 18 Nov 2021 02:11:51 GMT
forms2.min.js
app-lon09.marketo.com/js/forms2/js/
205 KB
69 KB
Script
General
Full URL
https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-3e59e9cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde2a7cd4331f78a4b35dca9aa2e716fc3d0c83ba0f855f0812cbfae4a27a805
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
3335
strict-transport-security
max-age=63113904
cf-request-id
06a20090f00000c7915b873000000001
last-modified
Mon, 12 Oct 2020 17:13:35 GMT
server
cloudflare
etag
"d81683-33245-5b17c6b21edc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
5f7d0394bce8c791-AMS
expires
Wed, 25 Nov 2020 21:15:49 GMT
widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 1512
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.group-ib.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.group-ib.com/media/gib-report-2020/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
83535
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Nov 2020 17:15:49 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 01 Oct 2020 21:50:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B4)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5185
date
Wed, 25 Nov 2020 15:49:24 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 25 Nov 2020 17:49:24 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
965 B
761 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:3a3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=22912
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
watch.js
www.group-ib.com/javascripts/
116 KB
52 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/watch.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
a3d540bcf52bc00d9470eb0c36ab43c540627263bce11720ad2a6c1bb25cf8fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Nov 2020 18:08:42 GMT
Server
QRATOR
Etag
W/"5fb957aa-1cf11"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 17:15:49 GMT
fbevents.js
connect.facebook.net/en_US/
89 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23320
x-xss-protection
0
pragma
public
x-fb-debug
XP9wAYKfr/UPfsaM52WHZ6Qwx4snkqDJJNmuBDlDgADRMD7h9hELgO1R5BhrhhyFxw23sqtaRW9HYtGrEX3hhg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 25 Nov 2020 17:15:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-95-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2020 03:11:00 GMT
Server
AkamaiNetStorage
ETag
"a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
main_26755_76942213_449_1578.js
www.group-ib.com/
234 KB
99 KB
Script
General
Full URL
https://www.group-ib.com/main_26755_76942213_449_1578.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
ca0e3beb032aacff54341082165a5d660ce9a87ffe5a97c731ab624783289842
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Nov 2020 15:24:35 GMT
Server
QRATOR
Etag
W/"5fa024b3-3a86b"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 17:15:49 GMT
moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
platform.twitter.com/js/
23 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418E) /
Resource Hash
a22958981751f2a55d6622e5abfaa5918fb411eb01bc5d9b446c081dd7c3d18d

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:52 GMT
Server
ECS (fcn/418E)
Age
83537
Etag
"e124818066aeec3e87b656a0a1df57e4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7650
timeline.687eed636a16648c9f0b1f72d7fa68bd.js
platform.twitter.com/js/
21 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.687eed636a16648c9f0b1f72d7fa68bd.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E9) /
Resource Hash
2469ab70d8030e7579c18bf90247092020fc57e16e60a1212d591a9399bad33a

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:52 GMT
Server
ECS (fcn/40E9)
Age
83535
Etag
"4802138c5d5b0d168458837da333276e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
6648
button.63c51c903061d0dbd843c41e8a00aa5a.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E9) /
Resource Hash
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:51 GMT
Server
ECS (fcn/40E9)
Age
83536
Etag
"62d4b0301f07768d13f3ee5de8633739+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
collect
stats.g.doubleclick.net/j/
4 B
89 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-25492706-2&cid=2046068789.1606324550&jid=1058526910&gjid=185105133&_gid=753244616.1606324550&_u=YGBAgAADQAAAAE~&z=332619087
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 25 Nov 2020 17:15:49 GMT
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
82 KB
33 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W6XV92M&t=gtm3&cid=2046068789.1606324550
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c0597ede3783f1bb0e1ac2593f64146c29a97730bd491b16fb46c3d4fe61bc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:49 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33042
x-xss-protection
0
last-modified
Wed, 25 Nov 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 Nov 2020 17:15:49 GMT
collect
www.google-analytics.com/
35 B
122 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1116218927&t=pageview&_s=1&dl=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&ul=en-us&de=UTF-8&dt=Group-IB%20reveals%20its%20cyberthreat%20forecast%20for%20the%20coming%20year%20%E2%80%93%20Global%20Cyber%20Security%20Company%20%E2%80%93%20Group-IB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAADQ~&jid=1058526910&gjid=185105133&cid=2046068789.1606324550&tid=UA-25492706-2&_gid=753244616.1606324550&gtm=2wgb41PW7265&cg1=COM%3A%20Blog%20and%20Media&cd1=2046068789.1606324550&z=1093516023
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 04:03:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47527
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2069478869985463
connect.facebook.net/signals/config/
238 KB
70 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2069478869985463?v=2.9.29&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e5ab88bf9c41e5fb24ce3ba38f812f90007bd11eeaf77fcf2f14f162d7da6d6a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
e3RKGDjSbjug9aSa2wtqIa2WVvpyj4+vsnWnNU/fcJ2umpNSks4XZRBZIYBBXfos+fj7QmJyCDIxjg5FtLlytw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 25 Nov 2020 17:15:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
836970913
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.beta.min.js
snap.licdn.com/li.lms-analytics/
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:eb:3a3::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=31872
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1799
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25492706-2&cid=2046068789.1606324550&jid=1058526910&_u=YGBAgAADQAAAAE~&z=99667258
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 17:15:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25492706-2&cid=2046068789.1606324550&jid=1058526910&_u=YGBAgAADQAAAAE~&z=99667258
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 17:15:49 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
profile
cdn.syndication.twimg.com/timeline/
148 KB
12 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_GroupIB_GIB_old&dnt=false&domain=www.group-ib.com&lang=en&screen_name=GroupIB_GIB&suppress_response_codes=true&t=1784805&tz=GMT%2B0100&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lcy/1D42) /
Resource Hash
df15179f27436251a1cb3a432e21d9a793fee1a81ee284094634b14335068138
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23
x-cache
HIT
content-disposition
attachment; filename=jsonp.jsonp
access-control-allow-methods
GET
vary
Accept-Encoding
content-length
11802
x-xss-protection
0
x-response-time
203
last-modified
Wed, 25 Nov 2020 17:15:27 GMT
server
ECS (lcy/1D42)
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
application/javascript;charset=utf-8
expires
Wed, 25 Nov 2020 17:20:49 GMT
cache-control
must-revalidate, max-age=300
x-connection-hash
93d798754c86d83bcc64408b4744881e
accept-ranges
bytes
timing-allow-origin
*
x-transaction
00849cdb00781b81
access-contol-allow-origin
platform.twitter.com
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1045%3...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1045%...
35 B
141 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1045%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A503326654%3Az%3A60%3Ai%3A20201125181549%3Aet%3A1606324550%3Ac%3A1%3Arn%3A134301660%3Arqn%3A1%3Au%3A1606324550110852890%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606324548447%3Ads%3A14%2C39%2C207%2C1%2C451%2C0%2C%2C465%2C3%2C%2C%2C%2C1182%3Adsn%3A13%2C40%2C206%2C1%2C451%2C0%2C%2C469%2C3%2C%2C%2C%2C1181%3Ati%3A1%3Ast%3A1606324550
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 25-Nov-2020 17:15:50 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Wed, 25-Nov-2020 17:15:50 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Nov 2020 17:15:49 GMT
last-modified
Wed, 25-Nov-2020 17:15:49 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1045%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A503326654%3Az%3A60%3Ai%3A20201125181549%3Aet%3A1606324550%3Ac%3A1%3Arn%3A134301660%3Arqn%3A1%3Au%3A1606324550110852890%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606324548447%3Ads%3A14%2C39%2C207%2C1%2C451%2C0%2C%2C465%2C3%2C%2C%2C%2C1182%3Adsn%3A13%2C40%2C206%2C1%2C451%2C0%2C%2C469%2C3%2C%2C%2C%2C1181%3Ati%3A1%3Ast%3A1606324550
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.group-ib.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 25-Nov-2020 17:15:49 GMT
munchkin.js
munchkin.marketo.net/159/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-95-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Fri, 05 Mar 2021 17:15:49 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
177 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:49 GMT
last-modified
Wed, 25 Nov 2020 10:41:32 GMT
etag
"5fbe2e7b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 25 Nov 2020 18:15:49 GMT
tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame 31D9
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E9) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.group-ib.com/media/gib-report-2020/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
83536
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Nov 2020 17:15:49 GMT
Etag
"076dccdedb34f3771be52190b917884e+gzip"
Last-Modified
Thu, 01 Oct 2020 21:49:58 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40E9)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12263
collect
px.ads.linkedin.com/
0
213 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&time=1606324549994&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
5kqm56rPShZAHarq6CoAAA==
pcyHXMdM
pbs.twimg.com/card_img/1331633082684887040/ Frame 5A09
22 KB
22 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331633082684887040/pcyHXMdM?format=jpg&name=600x314
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
4bdf9be793229209430b0d3aac7ecf804e8bf65e40c5e845387c63ae9073e58c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
3171
x-cache
HIT
content-length
22388
x-response-time
153
surrogate-key
card_img card_img/bucket/9 card_img/1331633082684887040
last-modified
Wed, 25 Nov 2020 16:15:22 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b55ee6c1725e63ea40100001dfc2840e
accept-ranges
bytes
33-20e3.png
abs.twimg.com/emoji/v2/72x72/ Frame 5A09
546 B
731 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/33-20e3.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0A) /
Resource Hash
4ed5ae53456d55cc365d347c56a9296e8fb677e9d28a489204bc206b821d553f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
9067826
x-ton-expected-size
546
x-cache
HIT
content-length
546
x-response-time
12
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:44 GMT
server
ECAcc (frc/8F0A)
etag
"rhyQaw3vYbRqfZmOnRB2Aw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
9fef9e508d7181fe243fb9dcad2b7b15
accept-ranges
bytes
expires
Thu, 25 Nov 2021 17:15:50 GMT
MR-k5bw6
pbs.twimg.com/card_img/1331606359629049856/ Frame 5A09
54 KB
54 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331606359629049856/MR-k5bw6?format=jpg&name=600x314
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
76b58d4dfb551f4b8987d5deb3b0438c7a27fae9d020b924c96db8314560aea9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
9850
x-cache
HIT
content-length
55301
x-response-time
190
surrogate-key
card_img card_img/bucket/8 card_img/1331606359629049856
last-modified
Wed, 25 Nov 2020 14:29:10 GMT
server
ECS (fcn/40F7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1dbfdf3fb6e0d6ce74bc7a61f0404d03
accept-ranges
bytes
1f53d.png
abs.twimg.com/emoji/v2/72x72/ Frame 5A09
367 B
509 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f53d.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F21) /
Resource Hash
b1a70b88b8e804f974e49f25a9a77cb06938ada16b3cb8d69721fbae77091add
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
9067820
x-ton-expected-size
367
x-cache
HIT
content-length
367
x-response-time
13
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:26 GMT
server
ECAcc (frc/8F21)
etag
"2K3dLw1z6lsRyi05BpUoKw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
30148c21f6823e890b839378bc0af07c
accept-ranges
bytes
expires
Thu, 25 Nov 2021 17:15:50 GMT
HRVaYj87
pbs.twimg.com/card_img/1331504616907943944/ Frame 5A09
6 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331504616907943944/HRVaYj87?format=jpg&name=144x144_2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
764cb9ee5ec87067ed22a08d0d1688546abc6eb1efc6cf816c0cdd2865371d33
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
21511
x-cache
HIT
content-length
6029
x-response-time
137
surrogate-key
card_img card_img/bucket/1 card_img/1331504616907943944
last-modified
Wed, 25 Nov 2020 07:44:53 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b56a5616d824bd1709490c06f9e7ce05
accept-ranges
bytes
GsrKwD6s
pbs.twimg.com/card_img/1331600680285564928/ Frame 5A09
11 KB
12 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331600680285564928/GsrKwD6s?format=jpg&name=280x280
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40D0) /
Resource Hash
7c3a49cd0ba5e1e990db284ef3ddeb1a7ddbda60383ae5ec58b61d8f4b69198e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
11207
x-cache
HIT
content-length
11663
x-response-time
146
surrogate-key
card_img card_img/bucket/9 card_img/1331600680285564928
last-modified
Wed, 25 Nov 2020 14:06:36 GMT
server
ECS (fcn/40D0)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
84e501036b297da910d071eadcdd0e73
accept-ranges
bytes
Os-O8ZiR
pbs.twimg.com/card_img/1331539263331078154/ Frame 5A09
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331539263331078154/Os-O8ZiR?format=png&name=144x144_2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash
7ed0024999a8771f7887d341f39d47ce56a124fe0de9c233fa749f1e137025c2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
25675
x-cache
HIT
content-length
2696
x-response-time
132
surrogate-key
card_img card_img/bucket/6 card_img/1331539263331078154
last-modified
Wed, 25 Nov 2020 10:02:33 GMT
server
ECS (fcn/40FC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
00e57d55fbb65bfc09279a0e13c5dfde
accept-ranges
bytes
2b07.png
abs.twimg.com/emoji/v2/72x72/ Frame 5A09
388 B
533 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/2b07.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F53) /
Resource Hash
11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
12717916
x-ton-expected-size
388
x-cache
HIT
content-length
388
x-response-time
11
surrogate-key
twitter-assets
last-modified
Thu, 16 Apr 2020 17:04:17 GMT
server
ECAcc (frc/8F53)
etag
"SALAWUsBYUywup5sSvc+YQ=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
519d9c76a258adffbd641a83d7c0abf4
accept-ranges
bytes
expires
Thu, 25 Nov 2021 17:15:50 GMT
timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame 5A09
53 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4195) /
Resource Hash
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:48 GMT
Server
ECS (fcn/4195)
Age
83538
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/
53 KB
53 KB
Image
General
Full URL
https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4195) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:48 GMT
Server
ECS (fcn/4195)
Age
83538
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
545899479446758
connect.facebook.net/signals/config/
239 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/545899479446758?v=2.9.29&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
65579b2f0b8b8ad97c53d391e1326e506adda47662d2318218ca7ceff95f859d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
ywXjl1zCyBPKUXxvVOdK65kjvTyKdI+RkBkwv31R7+Yhr/gnz09KkuWKe3CCoz3XisfVeAqQXEn0QzVtm1WRGQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 25 Nov 2020 17:15:50 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
205006343
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
378 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2069478869985463&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&rl=&if=false&ts=1606324550178&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606324550175.25513214&it=1606324549817&coo=false&rqm=GET
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 25 Nov 2020 17:15:50 GMT
visitWebPage
689-lre-818.mktoresp.com/webevents/
2 B
475 B
XHR
General
Full URL
https://689-lre-818.mktoresp.com/webevents/visitWebPage?_mchNc=1606324550187&_mchCn=&_mchId=689-LRE-818&_mchTk=_mch-group-ib.com-1606324550186-14563&_mchHo=www.group-ib.com&_mchPo=&_mchRu=%2Fmedia%2Fgib-report-2020%2F&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 17:15:50 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
578d69cf-65b4-4bb4-9cac-f5383fdda391
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9103.DbmsAwmWHm_1GPcxNJHqUVhSR2rgF7Ybmcv3VB4FdgaYGz6MhH5fcndUFCldqoJD.VaA2m6nPd08IUG8-iukgBUwxed0%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9103.MboLGD57FLluLGi9WE6If1gaEV8U4Ii6WVQ-eLRUVpj8FWFcqMVxK6paKgp3BMbdDaBzg1fRGJPSxID5k9Mb1_87dc-KIkuKufXqm7oa5Wc%2C.hV_BOfdarUqhW_pjLHcfUi5E8lk%2C
43 B
333 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9103.MboLGD57FLluLGi9WE6If1gaEV8U4Ii6WVQ-eLRUVpj8FWFcqMVxK6paKgp3BMbdDaBzg1fRGJPSxID5k9Mb1_87dc-KIkuKufXqm7oa5Wc%2C.hV_BOfdarUqhW_pjLHcfUi5E8lk%2C
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9103.MboLGD57FLluLGi9WE6If1gaEV8U4Ii6WVQ-eLRUVpj8FWFcqMVxK6paKgp3BMbdDaBzg1fRGJPSxID5k9Mb1_87dc-KIkuKufXqm7oa5Wc%2C.hV_BOfdarUqhW_pjLHcfUi5E8lk%2C
date
Wed, 25 Nov 2020 17:15:50 GMT
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
Cookie set id.html
ru.id.group-ib.com/ Frame B56C
598 B
1 KB
Document
General
Full URL
https://ru.id.group-ib.com/id.html
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.9.182 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
c1926db7e73203140d89be9a6b0f2f02dd2a65207a218b27a17e0e981603b2d7

Request headers

Host
ru.id.group-ib.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.group-ib.com/media/gib-report-2020/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bpmRef=; bpmHref=https://www.group-ib.com/media/gib-report-2020/; bpmTrackingId=9d86f587-dc87-a38f-fe05-3291eaf29ab3; _ga=GA1.2.2046068789.1606324550; _gid=GA1.2.753244616.1606324550; _dc_gtm_UA-25492706-2=1; _ym_uid=1606324550110852890; _ym_d=1606324550; _fbp=fb.1.1606324550175.25513214; _mkto_trk=id:689-LRE-818&token:_mch-group-ib.com-1606324550186-14563; _ym_isad=2

Response headers

Server
nginx
Date
Wed, 25 Nov 2020 17:15:50 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache
Etag
W/"ApqLFHNb9HH+-Tclb6LJkmB8GBeNfwEW2rr5PqnpfzwFcOxFfeaJb+edIhSwHVEMAv-4iUqKwrCgq5rlxm8XG01fp4GlJyZNwgpkoJxxtIgZUlWB8slbNfTchJ2M"
Set-Cookie
gcfids=ApqLFHNb9HH+-Tclb6LJkmB8GBeNfwEW2rr5PqnpfzwFcOxFfeaJb+edIhSwHVEMAv-4iUqKwrCgq5rlxm8XG01fp4GlJyZNwgpkoJxxtIgZUlWB8slbNfTchJ2M; Path=/; Domain=id.group-ib.com; Expires=Thu, 25 Nov 2021 17:15:50 GMT; Secure; SameSite=None
Content-Encoding
gzip
getForm
app-lon09.marketo.com/index.php/form/
4 KB
2 KB
Script
General
Full URL
https://app-lon09.marketo.com/index.php/form/getForm?munchkinId=689-LRE-818&form=1673&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&callback=jQuery112405112094398918721_1606324550022&_=1606324550023
Requested by
Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08e7c12dfc137c65fdf4d5026095f8dae7f4fc17087c91496987d89096275e29
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cached
false
strict-transport-security
max-age=63113904
cf-ray
5f7d0396fa70c791-AMS
cf-request-id
06a20092600000c7918f3b1000000001
idgib-w-group-ib
sbbe.group-ib.ru/api/fl/ Frame
0
0
Other
General
Full URL
https://sbbe.group-ib.ru/api/fl/idgib-w-group-ib
Protocol
HTTP/1.1
Server
185.17.9.175 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-cfids
Origin
https://www.group-ib.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 25 Nov 2020 17:15:50 GMT
Content-Type
text/plain
Content-Length
0
Connection
close
Access-Control-Allow-Origin
https://www.group-ib.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids
idgib-w-group-ib
sbbe.group-ib.ru/api/fl/
205 B
1 KB
XHR
General
Full URL
https://sbbe.group-ib.ru/api/fl/idgib-w-group-ib
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.9.175 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
5404e3f97ceceed6fe0c4cf7f09c8431ebe7afeeb197513249f11962776ffbbb

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-cfids
-

Response headers

Date
Wed, 25 Nov 2020 17:15:50 GMT
Content-Encoding
gzip
Server
nginx
Etag
W/"vDEg3km2KwVh4KgJuVODPzRKeUyLHmBjLMDo3o06zAze56fPVZsnvgRDEc3ERgpGG9S99+VM5n+hRuTlGfmzp8QCMYz5Qwx0x30AwFC0odw3uxdFfFlwoMg2zP2XrO1Vk1j/3sU8xfXOE+HVj+IV0AI4"
Vary
Accept-Encoding, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.group-ib.com
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids
pcyHXMdM
pbs.twimg.com/card_img/1331633082684887040/ Frame 5A09
22 KB
22 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331633082684887040/pcyHXMdM?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
4bdf9be793229209430b0d3aac7ecf804e8bf65e40c5e845387c63ae9073e58c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
3171
x-cache
HIT
content-length
22388
x-response-time
153
surrogate-key
card_img card_img/bucket/9 card_img/1331633082684887040
last-modified
Wed, 25 Nov 2020 16:15:22 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b55ee6c1725e63ea40100001dfc2840e
accept-ranges
bytes
33-20e3.png
abs.twimg.com/emoji/v2/72x72/ Frame 5A09
546 B
618 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/33-20e3.png
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0A) /
Resource Hash
4ed5ae53456d55cc365d347c56a9296e8fb677e9d28a489204bc206b821d553f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
9067826
x-ton-expected-size
546
x-cache
HIT
content-length
546
x-response-time
12
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:44 GMT
server
ECAcc (frc/8F0A)
etag
"rhyQaw3vYbRqfZmOnRB2Aw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
9fef9e508d7181fe243fb9dcad2b7b15
accept-ranges
bytes
expires
Thu, 25 Nov 2021 17:15:50 GMT
MR-k5bw6
pbs.twimg.com/card_img/1331606359629049856/ Frame 5A09
54 KB
54 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331606359629049856/MR-k5bw6?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
76b58d4dfb551f4b8987d5deb3b0438c7a27fae9d020b924c96db8314560aea9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
9850
x-cache
HIT
content-length
55301
x-response-time
190
surrogate-key
card_img card_img/bucket/8 card_img/1331606359629049856
last-modified
Wed, 25 Nov 2020 14:29:10 GMT
server
ECS (fcn/40F7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1dbfdf3fb6e0d6ce74bc7a61f0404d03
accept-ranges
bytes
1f53d.png
abs.twimg.com/emoji/v2/72x72/ Frame 5A09
367 B
438 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f53d.png
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F21) /
Resource Hash
b1a70b88b8e804f974e49f25a9a77cb06938ada16b3cb8d69721fbae77091add
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
9067820
x-ton-expected-size
367
x-cache
HIT
content-length
367
x-response-time
13
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:26 GMT
server
ECAcc (frc/8F21)
etag
"2K3dLw1z6lsRyi05BpUoKw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
30148c21f6823e890b839378bc0af07c
accept-ranges
bytes
expires
Thu, 25 Nov 2021 17:15:50 GMT
HRVaYj87
pbs.twimg.com/card_img/1331504616907943944/ Frame 5A09
6 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331504616907943944/HRVaYj87?format=jpg&name=144x144_2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
764cb9ee5ec87067ed22a08d0d1688546abc6eb1efc6cf816c0cdd2865371d33
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
21511
x-cache
HIT
content-length
6029
x-response-time
137
surrogate-key
card_img card_img/bucket/1 card_img/1331504616907943944
last-modified
Wed, 25 Nov 2020 07:44:53 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b56a5616d824bd1709490c06f9e7ce05
accept-ranges
bytes
GsrKwD6s
pbs.twimg.com/card_img/1331600680285564928/ Frame 5A09
11 KB
11 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331600680285564928/GsrKwD6s?format=jpg&name=280x280
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40D0) /
Resource Hash
7c3a49cd0ba5e1e990db284ef3ddeb1a7ddbda60383ae5ec58b61d8f4b69198e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
11207
x-cache
HIT
content-length
11663
x-response-time
146
surrogate-key
card_img card_img/bucket/9 card_img/1331600680285564928
last-modified
Wed, 25 Nov 2020 14:06:36 GMT
server
ECS (fcn/40D0)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
84e501036b297da910d071eadcdd0e73
accept-ranges
bytes
Os-O8ZiR
pbs.twimg.com/card_img/1331539263331078154/ Frame 5A09
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331539263331078154/Os-O8ZiR?format=png&name=144x144_2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash
7ed0024999a8771f7887d341f39d47ce56a124fe0de9c233fa749f1e137025c2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
25675
x-cache
HIT
content-length
2696
x-response-time
132
surrogate-key
card_img card_img/bucket/6 card_img/1331539263331078154
last-modified
Wed, 25 Nov 2020 10:02:33 GMT
server
ECS (fcn/40FC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
00e57d55fbb65bfc09279a0e13c5dfde
accept-ranges
bytes
2b07.png
abs.twimg.com/emoji/v2/72x72/ Frame 5A09
388 B
462 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/2b07.png
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F53) /
Resource Hash
11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
12717916
x-ton-expected-size
388
x-cache
HIT
content-length
388
x-response-time
11
surrogate-key
twitter-assets
last-modified
Thu, 16 Apr 2020 17:04:17 GMT
server
ECAcc (frc/8F53)
etag
"SALAWUsBYUywup5sSvc+YQ=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
519d9c76a258adffbd641a83d7c0abf4
accept-ranges
bytes
expires
Thu, 25 Nov 2021 17:15:50 GMT
PhjI9vq2_normal.jpg
pbs.twimg.com/profile_images/1318237034704719872/ Frame 5A09
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1318237034704719872/PhjI9vq2_normal.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40D1) /
Resource Hash
4cdb19491bc8a38d4f6b45be91e4897cc54cb3942ea6a5ae99d2af2cd54d3138
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
171645
x-cache
HIT
content-length
2263
x-response-time
117
surrogate-key
profile_images profile_images/bucket/1 profile_images/1318237034704719872
last-modified
Mon, 19 Oct 2020 17:04:15 GMT
server
ECS (fcn/40D1)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
549c919ed70c683ca590c05866625348
accept-ranges
bytes
ugonNwz9_normal.png
pbs.twimg.com/profile_images/1119139400988811264/ Frame 5A09
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1119139400988811264/ugonNwz9_normal.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41A2) /
Resource Hash
8f1980b715a96136c4974af52e4690e681329bb92ce80af1f52d1e4aeeeb8f68
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
72629
x-cache
HIT
content-length
3023
x-response-time
119
surrogate-key
profile_images profile_images/bucket/4 profile_images/1119139400988811264
last-modified
Fri, 19 Apr 2019 07:21:20 GMT
server
ECS (fcn/41A2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
92de6c64cd6e078761a491d6234efd82
accept-ranges
bytes
yOwTDF9G_normal.jpg
pbs.twimg.com/profile_images/1308106203860529152/ Frame 5A09
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1308106203860529152/yOwTDF9G_normal.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40AD) /
Resource Hash
31507f73a2c904e73317979e82c8c4531befda90852ca9681ce9fd0a64f7c3f6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
169552
x-cache
HIT
content-length
1883
x-response-time
119
surrogate-key
profile_images profile_images/bucket/8 profile_images/1308106203860529152
last-modified
Mon, 21 Sep 2020 18:07:57 GMT
server
ECS (fcn/40AD)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ebf84fad526820495e52e8603b2da845
accept-ranges
bytes
4ae724ea6ed248d871bc9d523ae1c24e_normal.png
pbs.twimg.com/profile_images/3703513695/ Frame 5A09
7 KB
7 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/3703513695/4ae724ea6ed248d871bc9d523ae1c24e_normal.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4191) /
Resource Hash
c8d20f2ec4e0562596cd22bc91b00586d7fe77152cbfeb81db48b38274fdaf18
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
25095
x-cache
HIT
content-length
7190
x-response-time
125
surrogate-key
profile_images profile_images/bucket/2 profile_images/3703513695
last-modified
Thu, 04 Nov 2010 01:42:54 GMT
server
ECS (fcn/4191)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
4a7286bfcac75857ea04d911f2d5872d
accept-ranges
bytes
EnrYNrQXMAcrsSB
pbs.twimg.com/media/ Frame 5A09
73 KB
74 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnrYNrQXMAcrsSB?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418B) /
Resource Hash
db16c9ed3e4d3740ae92e0df4761e733bf86f44501f77d6866bc1f66d0247cc0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
7940
x-cache
HIT
content-length
75154
x-response-time
127
surrogate-key
media media/bucket/9 media/1331614369302654983
last-modified
Wed, 25 Nov 2020 15:01:00 GMT
server
ECS (fcn/418B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5688c86653c6bb97ec63bb287c2ee954
accept-ranges
bytes
EnrWnhZW8AAn8rm
pbs.twimg.com/media/ Frame 5A09
31 KB
31 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnrWnhZW8AAn8rm?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41A7) /
Resource Hash
3af71b5d6657a687e21ee317f55052b8f7b4eb3d6af688911f750bc292e85fa7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
8338
x-cache
HIT
content-length
31836
x-response-time
120
surrogate-key
media media/bucket/4 media/1331612614309376000
last-modified
Wed, 25 Nov 2020 14:54:02 GMT
server
ECS (fcn/41A7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
268b0f3792bda56992c55c8efb24bea1
accept-ranges
bytes
EnrU6XjXUAUhtBR
pbs.twimg.com/media/ Frame 5A09
45 KB
45 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnrU6XjXUAUhtBR?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4185) /
Resource Hash
486215088c2b2b8c4fe720eb678ad73d3f96cd7736226eadd94ce9fbba688438
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
8759
x-cache
HIT
content-length
46092
x-response-time
130
surrogate-key
media media/bucket/4 media/1331610739061248005
last-modified
Wed, 25 Nov 2020 14:46:34 GMT
server
ECS (fcn/4185)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
906c9d976cba2336a0b64cc7117eae9c
accept-ranges
bytes
EnqdxaBW4AAT8rn
pbs.twimg.com/media/ Frame 5A09
58 KB
58 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnqdxaBW4AAT8rn?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418B) /
Resource Hash
2ce88a4c132fa899f9ad519e9fec4b46fa5b060fb977451ce535c1cd44e6badd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
23247
x-cache
HIT
content-length
59317
x-response-time
122
surrogate-key
media media/bucket/7 media/1331550111965569024
last-modified
Wed, 25 Nov 2020 10:45:40 GMT
server
ECS (fcn/418B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
329c5d2f488cd59d070a9d941d947395
accept-ranges
bytes
Enp4M8mXcAELYN3
pbs.twimg.com/media/ Frame 5A09
40 KB
40 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enp4M8mXcAELYN3?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4193) /
Resource Hash
602e880b343fb1c79ae40912708cdd09282facc224e40a28ffab9c65e1304ed2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
33085
x-cache
HIT
content-length
41037
x-response-time
121
surrogate-key
media media/bucket/8 media/1331508803662213121
last-modified
Wed, 25 Nov 2020 08:01:31 GMT
server
ECS (fcn/4193)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
bc00466e646e5998aaedb4440887b635
accept-ranges
bytes
Enp0LqkXYAApEXY
pbs.twimg.com/media/ Frame 5A09
47 KB
47 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enp0LqkXYAApEXY?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
d50052ffc71a6ae9ca82c4075b0247e6c8777b93d14dc9f00da20ae88a4c6b7d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
34158
x-cache
HIT
content-length
48245
x-response-time
128
surrogate-key
media media/bucket/4 media/1331504383595601920
last-modified
Wed, 25 Nov 2020 07:43:57 GMT
server
ECS (fcn/41AE)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
dc00ed1962efcf0c1a725f2158436084
accept-ranges
bytes
Enpz7QfWMAApSLX
pbs.twimg.com/media/ Frame 5A09
31 KB
31 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enpz7QfWMAApSLX?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41AA) /
Resource Hash
2681ca9cb433647fe4b52cb847f5b1429af46ef6c49344885e7bd9503513af1b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
34228
x-cache
HIT
content-length
31672
x-response-time
116
surrogate-key
media media/bucket/6 media/1331504101717323776
last-modified
Wed, 25 Nov 2020 07:42:50 GMT
server
ECS (fcn/41AA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7af52fc5b3597ad9ff0283b95c7c92cd
accept-ranges
bytes
EnpzpspXMAAQEVG
pbs.twimg.com/media/ Frame 5A09
39 KB
39 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnpzpspXMAAQEVG?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EA) /
Resource Hash
9a53ec39604c2dd9a71ccae40d6b605145706d246cb6a56c8458edc04cd7a073
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
34298
x-cache
HIT
content-length
39777
x-response-time
114
surrogate-key
media media/bucket/2 media/1331503800037879808
last-modified
Wed, 25 Nov 2020 07:41:38 GMT
server
ECS (fcn/40EA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5e6d7cf6a67bf509be4894c05e7a6fc0
accept-ranges
bytes
Enpy3MfXEAE7Vc4
pbs.twimg.com/media/ Frame 5A09
45 KB
45 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enpy3MfXEAE7Vc4?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4192) /
Resource Hash
85489b6d743b3eb8eaf407d1f53d6e09220a8992ede1027a71c7aecc390059c1
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
34484
x-cache
HIT
content-length
45899
x-response-time
130
surrogate-key
media media/bucket/2 media/1331502932412534785
last-modified
Wed, 25 Nov 2020 07:38:11 GMT
server
ECS (fcn/4192)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
3f0308a6dcf446cfdb1298543816b0b4
accept-ranges
bytes
Enpyoz_XEAEmALG
pbs.twimg.com/media/ Frame 5A09
42 KB
42 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enpyoz_XEAEmALG?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B6) /
Resource Hash
3a4b2b4b5d39f970e20b721a6744a3ebe517a573422f92a7e1e09d613a86e3a3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
34582
x-cache
HIT
content-length
42645
x-response-time
119
surrogate-key
media media/bucket/4 media/1331502685317697537
last-modified
Wed, 25 Nov 2020 07:37:12 GMT
server
ECS (fcn/40B6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
a29d39178fa33780b2c177819fa5f609
accept-ranges
bytes
Enpyc6LXEAE5Dtb
pbs.twimg.com/media/ Frame 5A09
53 KB
54 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enpyc6LXEAE5Dtb?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash
07ea5ec32802e3cbaa6e3de28ceff317b02a08f9590bdfddcc6f4c147d951106
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
34622
x-cache
HIT
content-length
54772
x-response-time
130
surrogate-key
media media/bucket/0 media/1331502480820211713
last-modified
Wed, 25 Nov 2020 07:36:24 GMT
server
ECS (fcn/40E6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
90ef10d0645acabb13c437a7194d38d9
accept-ranges
bytes
EnpyEViXMAEmyQ1
pbs.twimg.com/media/ Frame 5A09
39 KB
39 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnpyEViXMAEmyQ1?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4197) /
Resource Hash
c01844f5065f09e3173e5aea1e16252e4373b05c751651908ef272b6bb33fdbc
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
34691
x-cache
HIT
content-length
39635
x-response-time
120
surrogate-key
media media/bucket/2 media/1331502058667716609
last-modified
Wed, 25 Nov 2020 07:34:43 GMT
server
ECS (fcn/4197)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7058aa73d97f85f76922b40de3c85b57
accept-ranges
bytes
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame 5A09
44 KB
7 KB
Stylesheet
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
600511
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
8
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
20d7f24a83ba564692ad892413299ad4
accept-ranges
bytes
expires
Wed, 02 Dec 2020 17:15:50 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/
44 KB
44 KB
Image
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
600511
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
8
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
20d7f24a83ba564692ad892413299ad4
accept-ranges
bytes
expires
Wed, 02 Dec 2020 17:15:50 GMT
truncated
/ Frame 5A09
512 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5A09
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5A09
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5A09
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5A09
739 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5A09
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame 5A09
607 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
www.facebook.com/tr/
44 B
100 B
Image
General
Full URL
https://www.facebook.com/tr/?id=545899479446758&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&rl=&if=false&ts=1606324550600&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606324550175.25513214&it=1606324549817&coo=false&rqm=GET
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 25 Nov 2020 17:15:50 GMT
forms2.css
app-lon09.marketo.com/js/forms2/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://app-lon09.marketo.com/js/forms2/css/forms2.css
Requested by
Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
3725
vary
Accept-Encoding
content-length
2623
cf-request-id
06a20093e90000c791500bd000000001
last-modified
Mon, 12 Oct 2020 17:13:35 GMT
server
cloudflare
etag
"d8167a-3437-5b17c6b21edc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5f7d039978fac791-AMS
expires
Wed, 25 Nov 2020 21:15:50 GMT
forms2-theme-simple.css
app-lon09.marketo.com/js/forms2/css/
826 B
393 B
Stylesheet
General
Full URL
https://app-lon09.marketo.com/js/forms2/css/forms2-theme-simple.css
Requested by
Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
6394
vary
Accept-Encoding
content-length
242
cf-request-id
06a20093e90000c7912d3cf000000001
last-modified
Mon, 12 Oct 2020 17:13:35 GMT
server
cloudflare
etag
"d8167e-33a-5b17c6b21edc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5f7d039978fdc791-AMS
expires
Wed, 25 Nov 2020 21:15:50 GMT
25634039
mc.yandex.ru/watch/
167 B
362 B
XHR
General
Full URL
https://mc.yandex.ru/watch/25634039?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A1045%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A1%3Adp%3A0%3Als%3A0%3Ahid%3A503326654%3Az%3A60%3Ai%3A20201125181549%3Aet%3A1606324550%3Ac%3A1%3Arn%3A339367218%3Arqn%3A1%3Au%3A1606324550110852890%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606324548447%3Ads%3A14%2C39%2C207%2C1%2C451%2C0%2C%2C465%2C3%2C%2C%2C%2C1182%3Adsn%3A13%2C40%2C206%2C1%2C451%2C0%2C%2C469%2C3%2C%2C%2C%2C1181%3Arqnl%3A1%3Aadb%3A2%3App%3A%3Ati%3A1%3Ast%3A1606324551%3At%3AGroup-IB%20reveals%20its%20cyberthreat%20forecast%20for%20the%20coming%20year%20%E2%80%93%20Global%20Cyber%20Security%20Company%20%E2%80%93%20Group-IB
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f10af0f9f1114d7b234cb396a16bd880d455d967020940f4d5aa9175c2b08bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 25-Nov-2020 17:15:50 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Wed, 25-Nov-2020 17:15:50 GMT
pcyHXMdM
pbs.twimg.com/card_img/1331633082684887040/ Frame 5A09
22 KB
22 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331633082684887040/pcyHXMdM?format=jpg&name=600x314
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
4bdf9be793229209430b0d3aac7ecf804e8bf65e40c5e845387c63ae9073e58c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
3171
x-cache
HIT
content-length
22388
x-response-time
153
surrogate-key
card_img card_img/bucket/9 card_img/1331633082684887040
last-modified
Wed, 25 Nov 2020 16:15:22 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b55ee6c1725e63ea40100001dfc2840e
accept-ranges
bytes
/
www.facebook.com/tr/
0
84 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary6MuNIBRZ1opBV0G4

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 25 Nov 2020 17:15:50 GMT
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
like.php
www.facebook.com/v2.3/plugins/ Frame CAC2
0
0
Document
General
Full URL
https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3546882da90278%26domain%3Dwww.group-ib.com%26origin%3Dhttps%253A%252F%252Fwww.group-ib.com%252Ff17662abfbcd458%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&layout=button_count&locale=ru_RU&sdk=joey&share=false&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=118d9dcb5e21ba0d88956e18eb06fc69&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3546882da90278%26domain%3Dwww.group-ib.com%26origin%3Dhttps%253A%252F%252Fwww.group-ib.com%252Ff17662abfbcd458%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&layout=button_count&locale=ru_RU&sdk=joey&share=false&show_faces=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.group-ib.com/media/gib-report-2020/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=03q3sHXGxl2Jqk9Y0..BfvpFG...1.0.BfvpFG.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.group-ib.com/media/gib-report-2020/

Response headers

vary
Accept-Encoding
pragma
no-cache
x-content-type-options
nosniff
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v3.2
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
b7oFmVVeM7yRvkQmzLOV3UwQX0UjWs3/4wcCJykRAfzBS0W9eIjESnRa8CLmIUe4GyF5wufSulqSPxx4DFLaUQ==
date
Wed, 25 Nov 2020 17:15:50 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
MR-k5bw6
pbs.twimg.com/card_img/1331606359629049856/ Frame 5A09
54 KB
54 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331606359629049856/MR-k5bw6?format=jpg&name=600x314
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
76b58d4dfb551f4b8987d5deb3b0438c7a27fae9d020b924c96db8314560aea9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
9850
x-cache
HIT
content-length
55301
x-response-time
190
surrogate-key
card_img card_img/bucket/8 card_img/1331606359629049856
last-modified
Wed, 25 Nov 2020 14:29:10 GMT
server
ECS (fcn/40F7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1dbfdf3fb6e0d6ce74bc7a61f0404d03
accept-ranges
bytes
/
www.facebook.com/tr/ Frame CB78
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3458
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.group-ib.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.group-ib.com/media/gib-report-2020/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=03q3sHXGxl2Jqk9Y0..BfvpFG...1.0.BfvpFG.
Upgrade-Insecure-Requests
1
Origin
https://www.group-ib.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.group-ib.com/media/gib-report-2020/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date
Wed, 25 Nov 2020 17:15:50 GMT
HRVaYj87
pbs.twimg.com/card_img/1331504616907943944/ Frame 5A09
6 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331504616907943944/HRVaYj87?format=jpg&name=144x144_2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
764cb9ee5ec87067ed22a08d0d1688546abc6eb1efc6cf816c0cdd2865371d33
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
21511
x-cache
HIT
content-length
6029
x-response-time
137
surrogate-key
card_img card_img/bucket/1 card_img/1331504616907943944
last-modified
Wed, 25 Nov 2020 07:44:53 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b56a5616d824bd1709490c06f9e7ce05
accept-ranges
bytes
XDFrame
app-lon09.marketo.com/index.php/form/ Frame 50D6
0
0
Document
General
Full URL
https://app-lon09.marketo.com/index.php/form/XDFrame
Requested by
Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.94.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
app-lon09.marketo.com
:scheme
https
:path
/index.php/form/XDFrame
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.group-ib.com/media/gib-report-2020/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=ab005641d8b8f65d594131e3f769dc764295c142-1606324549-1800-AWz9BMVBmkXqDzI8q3j34b7fMDlhcvCQstLvfKP7waqVh02cg2CVOvARB/wNdTVHcU6ELSIeMewkIzAnCEPpvSU=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.group-ib.com/media/gib-report-2020/

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
content-type
text/html; charset=utf-8
content-length
653
set-cookie
__cfduid=df8c3460a189852140eb3fd67b69d54c81606324550; expires=Fri, 25-Dec-20 17:15:50 GMT; path=/; domain=.app-lon09.marketo.com; HttpOnly; SameSite=Lax RSMKTO1=3204520876.47617.0000; path=/; Httponly; Secure
cache-control
max-age=3600
strict-transport-security
max-age=63113904
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-request-id
06a20094960000c79159a8c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5f7d039a8bf7c791-AMS
Os-O8ZiR
pbs.twimg.com/card_img/1331539263331078154/ Frame 5A09
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331539263331078154/Os-O8ZiR?format=png&name=144x144_2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash
7ed0024999a8771f7887d341f39d47ce56a124fe0de9c233fa749f1e137025c2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 17:15:50 GMT
x-content-type-options
nosniff
age
25675
x-cache
HIT
content-length
2696
x-response-time
132
surrogate-key
card_img card_img/bucket/6 card_img/1331539263331078154
last-modified
Wed, 25 Nov 2020 10:02:33 GMT
server
ECS (fcn/40FC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
00e57d55fbb65bfc09279a0e13c5dfde
accept-ranges
bytes
/
www.facebook.com/tr/
0
53 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarylwz2acqovQXRku9w

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 25 Nov 2020 17:15:51 GMT
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ Frame 624C
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3457
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.group-ib.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.group-ib.com/media/gib-report-2020/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=03q3sHXGxl2Jqk9Y0..BfvpFG...1.0.BfvpFG.

Response headers

content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date
Wed, 25 Nov 2020 17:15:51 GMT
jot.html
platform.twitter.com/ Frame 49F7
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0
Document
General
Full URL
https://platform.twitter.com/jot.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B5) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://www.group-ib.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
83539
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Nov 2020 17:15:52 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B5)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Wed, 25 Nov 2020 17:15:51 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Wed, 25 Nov 2020 17:15:51 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_o
status
302 Found
strict-transport-security
max-age=631138519
x-connection-hash
f4c069a872f08f3b9b625108becdee59
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
137
x-transaction
00367c06005ddc16
x-tsa-request-body-time
1
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
fl
sbbe.group-ib.ru/api/
677 B
1 KB
XHR
General
Full URL
https://sbbe.group-ib.ru/api/fl?u=7694221310&mv=2&cfidsgib-w-group-ib=vDEg3km2KwVh4KgJuVODPzRKeUyLHmBjLMDo3o06zAze56fPVZsnvgRDEc3ERgpGG9S99%2BVM5n%2BhRuTlGfmzp8QCMYz5Qwx0x30AwFC0odw3uxdFfFlwoMg2zP2XrO1Vk1j%2F3sU8xfXOE%2BHVj%2BIV0AI4
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.9.175 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
1686d283490c0a24a47a298b104cc11822f9bac9e6d0e54dfd27b2720db58c54

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Nov 2020 17:15:51 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.group-ib.com
Cache-Control
no-store
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| VK function| $ function| jQuery object| picturefillCFG function| picturefill object| conf object| __core-js_shared__ object| Sslac object| IN object| __twttrll object| twttr object| __twttr object| google_tag_manager function| _classCallCheck function| executeFunctionByName function| _createClass object| landing object| competitorDomains object| publicDomains function| Tiles function| Action object| actions function| CubicGallery function| CubicGallery2 function| Parallax function| Popup function| SelectThis function| CubicForm function| CubicSticky function| SwipeDetector function| CubicSwitcher function| CubicTabs function| ChangeForm function| ClipboardJS function| raf object| gacid object| gaClientId object| FB function| Accordeon function| EmailsBase function| wr function| Cookies function| CrmForm function| Marketo function| metrics object| News object| showMore object| News2 function| PollForm function| fillPoll function| share_vacancy_fb function| share_vacancy_tw function| ShowMore2 function| CubicTags function| Test function| Tumbler function| initTumbler function| Unsubscribe object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq object| popups function| initCrmForms object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter25634039 function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin boolean| __c4e38641cee8933a85d80167b637f7b5__ function| gibSetAttribute function| gibSetAttributeCallback function| gibRemoveAttribute function| gibHash function| gibEncrypt object| gib string| __guc__1.0.0 function| lintrk 
boolean| _already_called_lintrk object| MktoForms2 object| marketoForms object| google_optimize object| MunchkinTracker object| _this object| jQuery112405112094398918721

14 Cookies

Domain/Path Name / Value
.group-ib.com/ Name: _ym_visorc
Value: w
.group-ib.com/ Name: _ym_d
Value: 1606324550
.id.group-ib.com/ Name: gcfids
Value: ApqLFHNb9HH+-Tclb6LJkmB8GBeNfwEW2rr5PqnpfzwFcOxFfeaJb+edIhSwHVEMAv-4iUqKwrCgq5rlxm8XG01fp4GlJyZNwgpkoJxxtIgZUlWB8slbNfTchJ2M
.group-ib.com/ Name: _ym_uid
Value: 1606324550110852890
.group-ib.com/ Name: _fbp
Value: fb.1.1606324550175.25513214
.group-ib.com/ Name: _gid
Value: GA1.2.753244616.1606324550
.group-ib.com/ Name: bpmTrackingId
Value: 9d86f587-dc87-a38f-fe05-3291eaf29ab3
.group-ib.com/ Name: _mkto_trk
Value: id:689-LRE-818&token:_mch-group-ib.com-1606324550186-14563
.group-ib.com/ Name: _dc_gtm_UA-25492706-2
Value: 1
.group-ib.com/ Name: _ga
Value: GA1.2.2046068789.1606324550
.group-ib.com/ Name: _ym_isad
Value: 2
.group-ib.com/ Name: bpmHref
Value: https://www.group-ib.com/media/gib-report-2020/
.group-ib.com/ Name: bpmRef
Value:
www.group-ib.com/ Name: PHPSESSID
Value: 4hnn8lal4jjhrr1r2ajrrkad87

2 Console Messages

Source Level URL
Text
console-api log URL: https://www.group-ib.com/media/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://www.group-ib.com/javascripts/all-3e59e9cb.js(Line 26)
Message:
The Facebook JSSDK is more than 7 days old.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
