Submitted URL: https://hubspot.fedscoop.com/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW...
Effective URL: https://www.group-ib.com/media/gib-report-2020/
Submission: On November 25 via api from US

Summary

This website contacted 25 IPs in 9 countries across 20 domains to perform 103 HTTP transactions. The main IP is 178.248.235.63, located in Russian Federation and belongs to QRATOR, RU. The main domain is www.group-ib.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 28th 2020. Valid for: 9 months.
This is the only time www.group-ib.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 199.60.103.31 209242 (CLOUDFLAR...)
15 178.248.235.63 197068 (QRATOR)
3 93.186.225.208 47541 (VKONTAKTE...)
1 2606:2800:233... 15133 (EDGECAST)
9 2606:2800:234... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a03:2880:f01... 32934 (FACEBOOK)
5 104.16.92.80 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 104.109.95.62 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
31 2606:2800:134... 15133 (EDGECAST)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
3 7 2a02:6b8::1:119 13238 (YANDEX)
1 185.17.9.182 49505 (SELECTEL)
3 178.132.201.236 49505 (SELECTEL)
1 134.213.193.62 15395 (RACKSPACE...)
3 2606:2800:233... 15133 (EDGECAST)
7 2a03:2880:f11... 32934 (FACEBOOK)
2 2606:2800:233... 15133 (EDGECAST)
1 1 104.244.42.136 13414 (TWITTER)
103 25
Domain Requested by
30 pbs.twimg.com www.group-ib.com
platform.twitter.com
15 www.group-ib.com hubspot.fedscoop.com
www.group-ib.com
www.googletagmanager.com
9 platform.twitter.com www.group-ib.com
platform.twitter.com
7 www.facebook.com www.group-ib.com
connect.facebook.net
5 mc.yandex.ru 2 redirects www.group-ib.com
5 app-lon09.marketo.com www.group-ib.com
app-lon09.marketo.com
5 connect.facebook.net www.group-ib.com
hubspot.fedscoop.com
connect.facebook.net
3 abs.twimg.com www.group-ib.com
3 sbbe.group-ib.ru www.group-ib.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.group-ib.com
3 vk.com www.group-ib.com
vk.com
2 ton.twimg.com platform.twitter.com
2 mc.yandex.com 1 redirects www.group-ib.com
2 px.ads.linkedin.com 1 redirects www.group-ib.com
2 munchkin.marketo.net hubspot.fedscoop.com
munchkin.marketo.net
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 hubspot.fedscoop.com 1 redirects
1 syndication.twitter.com 1 redirects
1 689-lre-818.mktoresp.com www.group-ib.com
1 ru.id.group-ib.com www.group-ib.com
1 www.linkedin.com 1 redirects
1 cdn.syndication.twimg.com platform.twitter.com
1 www.google.de www.group-ib.com
1 www.google.com www.group-ib.com
1 stats.g.doubleclick.net www.google-analytics.com
1 www.googletagmanager.com www.group-ib.com
1 platform.linkedin.com www.group-ib.com
103 27
Subject | Issuer | Validity | Valid
hubspot.fedscoop.com | Cloudflare Inc ECC CA-3 | 2020-07-17 - 2021-07-17 | a year
group-ib.com | Sectigo RSA Domain Validation Secure Server CA | 2020-09-28 - 2021-06-17 | 9 months
*.vk.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2020-06-09 - 2022-06-10 | 2 years
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2019-10-10 - 2021-10-14 | 2 years
*.twimg.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-05 - 2021-11-09 | a year
*.google-analytics.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2020-11-02 - 2021-01-30 | 3 months
app-lon09.marketo.com | Cloudflare Inc ECC CA-3 | 2020-07-01 - 2021-07-01 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2019-04-01 - 2021-05-07 | 2 years
*.marketo.net | DigiCert SHA2 Secure Server CA | 2020-03-14 - 2021-04-13 | a year
*.g.doubleclick.net | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
www.google.com | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
www.google.de | GTS CA 1O1 | 2020-11-03 - 2021-01-26 | 3 months
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-08-05 - 2021-02-05 | 6 months
mc.yandex.ru | Yandex CA | 2020-09-29 - 2021-03-11 | 5 months
*.id.group-ib.com | Thawte RSA CA 2018 | 2020-04-17 - 2021-04-17 | a year
*.group-ib.ru | Sectigo RSA Domain Validation Secure Server CA | 2020-09-20 - 2021-05-04 | 7 months
*.mktoresp.com | DigiCert SHA2 Secure Server CA | 2020-01-17 - 2022-01-21 | 2 years

This page contains 10 frames:

Primary Page: https://www.group-ib.com/media/gib-report-2020/
Frame ID: 01693D5F0237E6D8F65EF87F0C6CCAA3
Requests: 63 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.group-ib.com
Frame ID: 69312180A7D75074B95FAD6F81EB93BF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Frame ID: 7A2A713DE26BF565BF4EBFE55DFED328
Requests: 1 HTTP requests in this frame

Frame: https://ru.id.group-ib.com/id.html
Frame ID: E68AC012CB9B84061D42CA28FA578FF2
Requests: 1 HTTP requests in this frame

Frame: https://pbs.twimg.com/card_img/1331633082684887040/pcyHXMdM?format=jpg&name=600x314
Frame ID: CEF618A7C7F6B7BBE128471A94818359
Requests: 42 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 647E44BB70634AF2DF40F12DEB76D219
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 98A088CB3BECC77DD28A1881782695A5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 4D65579ED272C8FC0E369614352E2EB9
Requests: 1 HTTP requests in this frame

Frame: https://app-lon09.marketo.com/index.php/form/XDFrame
Frame ID: E42E2F126A4D76C23D02ABE654975557
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df251d77613c1e9%26domain%3Dwww.group-ib.com%26origin%3Dhttps%253A%252F%252Fwww.group-ib.com%252Ff142f6771f7eeb%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&layout=button_count&locale=ru_RU&sdk=joey&share=false&show_faces=true
Frame ID: 2547409CC85941B41932E402BD9E6158
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

103
Requests

100 %
HTTPS

65 %
IPv6

20
Domains

27
Subdomains

25
IPs

9
Countries

2511 kB
Transfer

5446 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hubspot.fedscoop.com/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1 Page URL
  2. https://hubspot.fedscoop.com/events/public/v1/track/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1?_ud=a7e90356-1800-440c-8788-6de27dfbf593&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
    https://www.group-ib.com/media/gib-report-2020/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&time=1606327316871&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D71960%26time%3D1606327316871%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fmedia%252Fgib-report-2020%252F%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&time=1606327316871&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&liSync=true
Request Chain 46
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A780%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A47540071%3Az%3A60%3Ai%3A20201125190156%3Aet%3A1606327317%3Ac%3A1%3Arn%3A14262292%3Arqn%3A1%3Au%3A16063273171014210371%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606327315886%3Ads%3A11%2C63%2C201%2C2%2C209%2C0%2C%2C358%2C2%2C%2C%2C%2C849%3Adsn%3A11%2C64%2C201%2C1%2C209%2C0%2C%2C362%2C2%2C%2C%2C%2C850%3Ati%3A1%3Ast%3A1606327317 HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A780%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A47540071%3Az%3A60%3Ai%3A20201125190156%3Aet%3A1606327317%3Ac%3A1%3Arn%3A14262292%3Arqn%3A1%3Au%3A16063273171014210371%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606327315886%3Ads%3A11%2C63%2C201%2C2%2C209%2C0%2C%2C358%2C2%2C%2C%2C%2C849%3Adsn%3A11%2C64%2C201%2C1%2C209%2C0%2C%2C362%2C2%2C%2C%2C%2C850%3Ati%3A1%3Ast%3A1606327317
Request Chain 65
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9103.deR3axWI8hdMlLYt1ycDIwHi33gL7GNVj5_w-X_Mo-wNPxZNsez4yM_yoR2Dep3S.gsIB6_cRu87jReRGrvq3tIadJTc%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9103.eoxbJOHdVSmwn6GK9f7CzHyIqVr6UBCWNl9udeWF9-WME9zHGB1GVr9zXHkLeVYkaewzP-b2DIE_5brGp5jWtcFQjqQVyx64a5IAsPsksh4%2C.4jNCKPe6DY6g1JaIKUMl2Hw6J1E%2C
Request Chain 109
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html

103 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-...
hubspot.fedscoop.com/e2t/tc/
8 KB
3 KB
Document
General
Full URL
https://hubspot.fedscoop.com/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.31 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., GB),
Reverse DNS
Software
cloudflare /
Resource Hash
bf0000f37a73211832cf330d9c56e6db977a8ab6790418e6cb908431a9aa47e0

Request headers

:method
GET
:authority
hubspot.fedscoop.com
:scheme
https
:path
/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Wed, 25 Nov 2020 18:01:55 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=de56510c1b2adabd006351c7ef5c54d9c1606327315; expires=Fri, 25-Dec-20 18:01:55 GMT; path=/; domain=.hubspot.fedscoop.com; HttpOnly; SameSite=Lax
__cfruid=28ee9224534dc667c7ec8469cb53733de6deb4f5-1606327315; path=/; domain=.hubspot.fedscoop.com; HttpOnly; Secure; SameSite=None
cf-ray
5f7d471bad9832aa-CDG
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
06a22ac547000032aa598c1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
server
cloudflare
content-encoding
br
Primary Request Cookie set /
www.group-ib.com/media/gib-report-2020/
Redirect Chain
  • https://hubspot.fedscoop.com/events/public/v1/track/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8F...
  • https://www.group-ib.com/media/gib-report-2020/
46 KB
16 KB
Document
General
Full URL
https://www.group-ib.com/media/gib-report-2020/
Requested by
Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
b8604bd5c7e49a84eed6c9fab81f966e85556c8eaf806005bce35d84cc8de640
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Host
www.group-ib.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Referer
https://hubspot.fedscoop.com/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1

Response headers

Server
QRATOR
Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=15
Cache-Control
no-store, no-cache, must-revalidate
Content-Encoding
gzip
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Link
<https://www.group-ib.com/media/wp-json/>; rel="https://api.w.org/"
<https://www.group-ib.com/media/?p=6807>; rel=shortlink
Pragma
no-cache
Set-Cookie
PHPSESSID=noo6f38o5uko0kim2s6gjudmg3; path=/
Strict-Transport-Security
max-age=15724800; includeSubDomains

Redirect headers

date
Wed, 25 Nov 2020 18:01:56 GMT
location
https://www.group-ib.com/media/gib-report-2020/
cf-ray
5f7d471c5fbc32aa-CDG
link
<https://www.group-ib.com/media/gib-report-2020/>; rel="canonical"
vary
Accept-Encoding
cf-cache-status
MISS
access-control-allow-credentials
false
cf-request-id
06a22ac5b7000032aa5481a000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy
no-referrer
x-robots-tag
none
server
cloudflare
share.js
vk.com/js/api/
10 KB
4 KB
Script
General
Full URL
https://vk.com/js/api/share.js?93
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
kittenx /
Resource Hash
0b28a2aa8ae2cc469fc77cde60ed83fd6176df58e4d15558e5dbbf690e8dedd8

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:56 GMT
content-encoding
gzip
x-frontend
front512004
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-dce"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
3534
expires
Sun, 29 Nov 2020 18:01:56 GMT
all-e0df8e6d.css
www.group-ib.com/stylesheets/
1 MB
206 KB
Stylesheet
General
Full URL
https://www.group-ib.com/stylesheets/all-e0df8e6d.css?ver=4.7.6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
cc2d91f3eaa2c1037b18d840715213dbb5104b015b8f9c04f0189358d12d3622
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Nov 2020 20:53:58 GMT
Server
QRATOR
Etag
W/"5fb2e6e6-11fe0b"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/css
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 18:01:56 GMT
style.css
www.group-ib.com/media/wp-content/themes/gib/
899 B
1 KB
Stylesheet
General
Full URL
https://www.group-ib.com/media/wp-content/themes/gib/style.css?ver=4.7.6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
95e20d6a24cc4fcf6e88ce4d1bea86310f2716a0192c6b143ae5657a3fcaa886
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Vary
Accept-Encoding
Last-Modified
Mon, 15 Apr 2019 12:35:22 GMT
Server
QRATOR
Etag
"5cb47a8a-383"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
text/css
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
899
Expires
Wed, 02 Dec 2020 18:01:56 GMT
jquery-96f076a3.js
www.group-ib.com/javascripts/
85 KB
35 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/jquery-96f076a3.js?ver=4.7.6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
fe9a7ca1e475140e6b37fbc86a5efcd3251be4348137aa07231bd91ee8678b7c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Aug 2020 21:45:03 GMT
Server
QRATOR
Etag
W/"5f3afa5f-1550b"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 18:01:56 GMT
jquery-migrate.min.js
www.group-ib.com/media/wp-includes/js/jquery/
10 KB
5 KB
Script
General
Full URL
https://www.group-ib.com/media/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Feb 2017 18:11:26 GMT
Server
QRATOR
Etag
W/"5898bc4e-2748"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 18:01:56 GMT
picturefill.min.js
www.group-ib.com/media/wp-content/plugins/wp-retina-2x/js/
11 KB
6 KB
Script
General
Full URL
https://www.group-ib.com/media/wp-content/plugins/wp-retina-2x/js/picturefill.min.js?ver=3.0.1
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
028adedcb988349acdd0154c1db43e1ed2f1ee23271c887ff2f93c4312b78fb2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Sep 2016 16:53:59 GMT
Server
QRATOR
Etag
W/"57e55e27-2c89"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 18:01:56 GMT
in.js
platform.linkedin.com/
181 KB
55 KB
Script
General
Full URL
https://platform.linkedin.com/in.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0A) /
Resource Hash
e3b89915f5b07a2494caf04ecb0a5d53a103b3a0a81e1e43d723cd74e76f67e4

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:56 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
3023
x-cache
HIT
x-cdn-proto
HTTP2
content-length
55605
x-li-uuid
XqyxK2/PShbwX+fWOSsAAA==
server
ECAcc (frc/8F0A)
last-modified
Wed, 25 Nov 2020 17:11:33 GMT
x-li-pop
prod-efr5
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-lva1
expires
Wed, 25 Nov 2020 18:11:33 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E7) /
Resource Hash
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
Server
ECS (fcn/40E7)
Age
802
Etag
"a671d4d584ef50954e5cebb21da17065+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28698
all-3e59e9cb.js
www.group-ib.com/javascripts/
196 KB
70 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/all-3e59e9cb.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
eded72ddc3199149be1270f20297765a9a5f6071eac65a0c86d947035ba4e7ea
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 May 2020 11:44:17 GMT
Server
QRATOR
Etag
W/"5eb3f491-3117b"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 18:01:56 GMT
gtm.js
www.googletagmanager.com/
152 KB
50 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a7aa4cbfba80df455a6273f3f7ebcaa904f904640ef4f1d757c45c7bb12032ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51011
x-xss-protection
0
expires
Wed, 25 Nov 2020 18:01:56 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4799bf1148b64180ea42812bba9337bd78d9b907142a0adf82e309ec94238de8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ddS/SELZEqu64CjYpRt6OA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1780
etag
"3c58337c88bcf325564ab87893f9f732"
x-fb-debug
jgY4XFdTKNGJKBCL4VWRnTruHoJg6Noy6RbmX6yqTLVNzHgYqvhrC2vqk4uo9cNn3l7+nxCm8eDkgeC35FhCBw==
x-fb-trip-id
664085054
x-fb-content-md5
2b7f16aa39ebe88fc9f01a1d479beb89
x-frame-options
DENY
date
Wed, 25 Nov 2020 18:01:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 25 Nov 2020 18:13:46 GMT
icons.svg
www.group-ib.com/images/
387 KB
140 KB
Other
General
Full URL
https://www.group-ib.com/images/icons.svg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
4b9de56ce2f53cfb77829e17f6b7e3b1a27d3ca089cff5c34646ab69eab10aa3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Nov 2020 09:59:37 GMT
Server
QRATOR
Etag
W/"5fbe2b09-60cb4"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
image/svg+xml
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 18:01:56 GMT
truncated
/
121 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ee338bd03594461a939b661840e43fec02d7345e19e3ad12509c06ba37ad355

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
3 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
163cfcbd5a50639aa755d8eabd17f5d736f0d8d5a51989bd0540a05012427c9d

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
main-cover126.jpg
www.group-ib.com/images/covers/
219 KB
220 KB
Image
General
Full URL
https://www.group-ib.com/images/covers/main-cover126.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
9b459480e76b0d675482760b3d9534e849ff58dca908849165a7d8595ad73622
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Last-Modified
Wed, 25 Nov 2020 14:45:15 GMT
Server
QRATOR
Etag
"5fbe6dfb-36d5a"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
image/jpeg
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
224602
Expires
Wed, 02 Dec 2020 18:01:56 GMT
truncated
/
143 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad457d24d3f2048db9c3a15f3f6c129529e4d354c2325b09ad3d8ef5b4da1397

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
SFUIDisplayMedium.woff2
www.group-ib.com/fonts/
48 KB
48 KB
Font
General
Full URL
https://www.group-ib.com/fonts/SFUIDisplayMedium.woff2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
14b2afcf8da0215e557f8695dd0ffeb7af71aea988af0e528e3b0715a907e39b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Last-Modified
Mon, 08 Feb 2016 09:30:02 GMT
Server
QRATOR
Etag
"56b8601a-bf44"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/octet-stream
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
48964
Expires
Thu, 25 Nov 2021 18:01:56 GMT
SFUIDisplayLight.woff2
www.group-ib.com/fonts/
48 KB
49 KB
Font
General
Full URL
https://www.group-ib.com/fonts/SFUIDisplayLight.woff2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
68b344470a99a316db16a9e3a89db1a8ec1c5d99162a1dc96f3033241db3d106
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Last-Modified
Mon, 08 Feb 2016 09:30:02 GMT
Server
QRATOR
Etag
"56b8601a-c090"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/octet-stream
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
49296
Expires
Thu, 25 Nov 2021 18:01:56 GMT
HelveticaNeueLTW1GLt.woff2
www.group-ib.com/fonts/
26 KB
27 KB
Font
General
Full URL
https://www.group-ib.com/fonts/HelveticaNeueLTW1GLt.woff2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
396c8d58f2858e194e9d4c4a7fbab20e0017aa3576b2cc93d3beb31ebb0974df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Last-Modified
Mon, 08 Feb 2016 09:30:01 GMT
Server
QRATOR
Etag
"56b86019-6938"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/octet-stream
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
26936
Expires
Thu, 25 Nov 2021 18:01:56 GMT
SFUIDisplayThin.woff2
www.group-ib.com/fonts/
48 KB
48 KB
Font
General
Full URL
https://www.group-ib.com/fonts/SFUIDisplayThin.woff2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
a59ad2854b743e12bb04283571254154fecdc226b97b65662670768af88a7491
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Last-Modified
Mon, 08 Feb 2016 09:30:03 GMT
Server
QRATOR
Etag
"56b8601b-c040"
Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Type
application/octet-stream
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=15
Content-Length
49216
Expires
Thu, 25 Nov 2021 18:01:56 GMT
share.php
vk.com/
21 B
435 B
Script
General
Full URL
https://vk.com/share.php?act=count&index=0&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F
Requested by
Host: vk.com
URL: https://vk.com/js/api/share.js?93
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
kittenx / KPHP/7.4.27355
Resource Hash
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:56 GMT
content-encoding
gzip
x-frontend
front512004
server
kittenx
x-powered-by
KPHP/7.4.27355
strict-transport-security
max-age=15768000
content-type
text/html; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
41
like_widget.png
vk.com/images/icons/
538 B
793 B
Image
General
Full URL
https://vk.com/images/icons/like_widget.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.186.225.208 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU),
Reverse DNS
Software
kittenx /
Resource Hash
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:56 GMT
x-frontend
front512004
last-modified
Tue, 22 Sep 2020 20:29:56 GMT
server
kittenx
etag
"5f6a5ec4-21a"
strict-transport-security
max-age=15768000
content-type
image/png
access-control-expose-headers
X-Frontend
cache-control
max-age=604800
accept-ranges
bytes
content-length
538
expires
Wed, 02 Dec 2020 18:01:56 GMT
truncated
/
273 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4bdf008140cb9fb1f8a566f08c41e56801d474a5c4e8745073d5c32bd3b363db

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sdk.js
connect.facebook.net/ru_RU/
195 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/ru_RU/sdk.js?hash=118d9dcb5e21ba0d88956e18eb06fc69&ua=modern_es6
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-3e59e9cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2ff7a0eb41c8462ce197a2d18fca55455710b0c15bbb32d4c13ffe92c3d8b7df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.group-ib.com
Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
etPl895TgB2CSj2BttNCWQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60159
etag
"51fc22e8d2e196538c389281946e2d3a"
x-fb-debug
vYFxr58U2DUkUXV5FtxIWoDk2dI/uGpcT3OmyNF9YVCjWnw9W/LhCorznnJ63DVShPdJHhAdsYZhz1VP0UrE9g==
x-fb-trip-id
664085054
x-fb-content-md5
69382c97ecba4c800657255cdd2d2e46
x-frame-options
DENY
date
Wed, 25 Nov 2020 18:01:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Thu, 18 Nov 2021 02:11:51 GMT
forms2.min.js
app-lon09.marketo.com/js/forms2/js/
205 KB
69 KB
Script
General
Full URL
https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/javascripts/all-3e59e9cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde2a7cd4331f78a4b35dca9aa2e716fc3d0c83ba0f855f0812cbfae4a27a805
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Mon, 12 Oct 2020 17:13:35 GMT
server
cloudflare
age
3741
etag
"24267a-33245-5b17c6b21edc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
5f7d47228924edb3-CDG
cf-request-id
06a22ac9970000edb3981dc000000001
expires
Wed, 25 Nov 2020 22:01:56 GMT
widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 6931
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.group-ib.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.group-ib.com/media/gib-report-2020/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
86302
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Nov 2020 18:01:56 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 01 Oct 2020 21:50:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B4)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
752
date
Wed, 25 Nov 2020 17:49:24 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 25 Nov 2020 19:49:24 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/
965 B
761 B
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=20102
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
448
watch.js
www.group-ib.com/javascripts/
116 KB
52 KB
Script
General
Full URL
https://www.group-ib.com/javascripts/watch.js
Requested by
Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
a3d540bcf52bc00d9470eb0c36ab43c540627263bce11720ad2a6c1bb25cf8fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Sat, 21 Nov 2020 18:08:42 GMT
Server
QRATOR
Etag
W/"5fb957aa-1cf11"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 18:01:56 GMT
fbevents.js
connect.facebook.net/en_US/
89 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23320
x-xss-protection
0
pragma
public
x-fb-debug
HwV2mAnyjtQNBapTYRdpqqyaD1AetOioJTjAamDPoq2/DElYj6Vjd/eNg8c5vAtxo4iTGPo6fYdVxMK2pphSuQ==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 25 Nov 2020 18:01:56 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
munchkin.js
munchkin.marketo.net/
1 KB
1 KB
Script
General
Full URL
https://munchkin.marketo.net/munchkin.js
Requested by
Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-95-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2020 03:11:00 GMT
Server
AkamaiNetStorage
ETag
"a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
main_26755_76942213_449_1578.js
www.group-ib.com/
234 KB
99 KB
Script
General
Full URL
https://www.group-ib.com/main_26755_76942213_449_1578.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PW7265
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.248.235.63 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software
QRATOR /
Resource Hash
ca0e3beb032aacff54341082165a5d660ce9a87ffe5a97c731ab624783289842
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Nov 2020 15:24:35 GMT
Server
QRATOR
Etag
W/"5fa024b3-3a86b"
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
Cache-Control
max-age=604800
Strict-Transport-Security
max-age=15724800; includeSubDomains
Keep-Alive
timeout=15
Expires
Wed, 02 Dec 2020 18:01:56 GMT
moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
platform.twitter.com/js/
23 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418E) /
Resource Hash
a22958981751f2a55d6622e5abfaa5918fb411eb01bc5d9b446c081dd7c3d18d

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:52 GMT
Server
ECS (fcn/418E)
Age
86304
Etag
"e124818066aeec3e87b656a0a1df57e4+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
7650
timeline.687eed636a16648c9f0b1f72d7fa68bd.js
platform.twitter.com/js/
21 KB
7 KB
Script
General
Full URL
https://platform.twitter.com/js/timeline.687eed636a16648c9f0b1f72d7fa68bd.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E7) /
Resource Hash
2469ab70d8030e7579c18bf90247092020fc57e16e60a1212d591a9399bad33a

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:52 GMT
Server
ECS (fcn/40E7)
Age
86302
Etag
"4802138c5d5b0d168458837da333276e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
6648
button.63c51c903061d0dbd843c41e8a00aa5a.js
platform.twitter.com/js/
7 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.63c51c903061d0dbd843c41e8a00aa5a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E7) /
Resource Hash
e0a70c5d116d9c823c7d7958ecea2a7926315fac156e390bd7dc8a5fa088cdc3

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:51 GMT
Server
ECS (fcn/40E7)
Age
86303
Etag
"62d4b0301f07768d13f3ee5de8633739+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2294
insight.beta.min.js
snap.licdn.com/li.lms-analytics/
4 KB
2 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Sep 2020 22:01:48 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=43789
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1799
collect
stats.g.doubleclick.net/j/
4 B
89 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-25492706-2&cid=887843919.1606327317&jid=1714211942&gjid=2104275674&_gid=593631676.1606327317&_u=YGBAgAADQAAAAE~&z=2096371918
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 25 Nov 2020 18:01:56 GMT
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/
84 KB
34 KB
Script
General
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-W6XV92M&t=gtm3&cid=887843919.1606327317
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cbab00d34dce6e445f4b930ae52e09d864d95ad8fa7ef50a3fa1f7adbd4274a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:56 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34201
x-xss-protection
0
expires
Wed, 25 Nov 2020 18:01:56 GMT
collect
www.google-analytics.com/
35 B
384 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=1994197954&t=pageview&_s=1&dl=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&ul=en-us&de=UTF-8&dt=Group-IB%20reveals%20its%20cyberthreat%20forecast%20for%20the%20coming%20year%20%E2%80%93%20Global%20Cyber%20Security%20Company%20%E2%80%93%20Group-IB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAADQ~&jid=1714211942&gjid=2104275674&cid=887843919.1606327317&tid=UA-25492706-2&_gid=593631676.1606327317&gtm=2wgb41PW7265&cg1=COM%3A%20Blog%20and%20Media&cd1=887843919.1606327317&z=2006480657
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 09:04:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
32239
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
2069478869985463
connect.facebook.net/signals/config/
238 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2069478869985463?v=2.9.29&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e5ab88bf9c41e5fb24ce3ba38f812f90007bd11eeaf77fcf2f14f162d7da6d6a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
ASUpW47xw+jRrMenRbwEtMidiSty/ENHA1x6vGkWbAFVYh4oRBaySpYzO/6MgeSVjIQyYStLoU10YM1UQcbROA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 25 Nov 2020 18:01:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
836970913
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25492706-2&cid=887843919.1606327317&jid=1714211942&_u=YGBAgAADQAAAAE~&z=1616719555
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 18:01:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-25492706-2&cid=887843919.1606327317&jid=1714211942&_u=YGBAgAADQAAAAE~&z=1616719555
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 18:01:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
profile
cdn.syndication.twimg.com/timeline/
148 KB
12 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_GroupIB_GIB_old&dnt=false&domain=www.group-ib.com&lang=en&screen_name=GroupIB_GIB&suppress_response_codes=true&t=1784808&tz=GMT%2B0100&with_replies=false
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f /
Resource Hash
6c62dc75f2537d76b680e4ad04cd7fa384d1e0914ddb69444a03711eb92df4a3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename=jsonp.jsonp
access-control-allow-methods
GET
content-length
11796
x-xss-protection
0
access-contol-allow-origin
platform.twitter.com
x-response-time
223
last-modified
Wed, 25 Nov 2020 18:01:57 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=300
x-connection-hash
19518f47db12373f63a60ca5b53f7b94
timing-allow-origin
*
x-transaction
00e0124500bf5a82
expires
Wed, 25 Nov 2020 18:06:57 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&time=1606327316871&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D71960%26time%3D1606327316871%26url%3Dhttps%253A%252F%252Fwww.group-ib.com%252Fmed...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&time=1606327316871&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&liSync=true
0
279 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&time=1606327316871&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&liSync=true
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server
Play
linkedin-action
1
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
rnlNOS/SShZg2bUNmysAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
linkedin-action
1
content-length
0
x-li-uuid
ZihAMi/SShaAN48BVSsAAA==
pragma
no-cache
x-li-pop
afd-prod-lor1
x-msedge-ref
Ref A: FB30A142A3034CE7BF0D68E1A68856B6 Ref B: FRAEDGE0922 Ref C: 2020-11-25T18:01:57Z
x-frame-options
sameorigin
date
Wed, 25 Nov 2020 18:01:57 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=71960&time=1606327316871&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
platform.twitter.com/widgets/ Frame 7A2A
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.96fd96193cc66c3e11d4c5e4c7c7ec97.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E7) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.group-ib.com/media/gib-report-2020/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
86303
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Nov 2020 18:01:56 GMT
Etag
"076dccdedb34f3771be52190b917884e+gzip"
Last-Modified
Thu, 01 Oct 2020 21:49:58 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40E7)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12263
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A780%3A...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A780%3...
35 B
116 B
XHR
General
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A780%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A47540071%3Az%3A60%3Ai%3A20201125190156%3Aet%3A1606327317%3Ac%3A1%3Arn%3A14262292%3Arqn%3A1%3Au%3A16063273171014210371%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606327315886%3Ads%3A11%2C63%2C201%2C2%2C209%2C0%2C%2C358%2C2%2C%2C%2C%2C849%3Adsn%3A11%2C64%2C201%2C1%2C209%2C0%2C%2C362%2C2%2C%2C%2C%2C850%3Ati%3A1%3Ast%3A1606327317
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
efbdf9cab6b6cf2bf7207ae4e0456c9462b2c0d4c2de76d65442de2af7253f2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 25-Nov-2020 18:01:57 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
35
x-xss-protection
1; mode=block
expires
Wed, 25-Nov-2020 18:01:57 GMT

Redirect headers

pragma
no-cache
date
Wed, 25 Nov 2020 18:01:57 GMT
last-modified
Wed, 25-Nov-2020 18:01:57 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A780%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A2%3Adp%3A0%3Als%3A0%3Ahid%3A47540071%3Az%3A60%3Ai%3A20201125190156%3Aet%3A1606327317%3Ac%3A1%3Arn%3A14262292%3Arqn%3A1%3Au%3A16063273171014210371%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606327315886%3Ads%3A11%2C63%2C201%2C2%2C209%2C0%2C%2C358%2C2%2C%2C%2C%2C849%3Adsn%3A11%2C64%2C201%2C1%2C209%2C0%2C%2C362%2C2%2C%2C%2C%2C850%3Ati%3A1%3Ast%3A1606327317
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.group-ib.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 25-Nov-2020 18:01:57 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
186 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
last-modified
Wed, 25 Nov 2020 17:45:12 GMT
etag
"5fbe2e7b-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 25 Nov 2020 19:01:57 GMT
munchkin.js
munchkin.marketo.net/159/
11 KB
5 KB
Script
General
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a104-109-95-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Fri, 05 Mar 2021 18:01:56 GMT
Cookie set id.html
ru.id.group-ib.com/ Frame E68A
598 B
1 KB
Document
General
Full URL
https://ru.id.group-ib.com/id.html
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.17.9.182 Moscow, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
2fb27837b6857db3401d724ba8f93934c633e44dcfaa837c68290058c9554fdc

Request headers

Host
ru.id.group-ib.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.group-ib.com/media/gib-report-2020/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
bpmRef=; bpmHref=https://www.group-ib.com/media/gib-report-2020/; bpmTrackingId=be7f700f-bcf0-2a76-94f1-98dbb4841fd8; _ga=GA1.2.887843919.1606327317; _gid=GA1.2.593631676.1606327317; _dc_gtm_UA-25492706-2=1; _ym_uid=16063273171014210371; _ym_d=1606327317

Response headers

Server
nginx
Date
Wed, 25 Nov 2020 18:01:57 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-cache
Etag
W/"hgFH-7QTZYOHWsS0i1V0dsJ-Hq6w6sJFMo2TgM0PhmM0wLTLEkozbfzXSIjZW-IGPBeC5OVHwSbAYWnVnxDKTBLYqc-CC3nk6GmLfYYdG9g2pdCVlZ8LLzz3pSHp"
Set-Cookie
gcfids=hgFH-7QTZYOHWsS0i1V0dsJ-Hq6w6sJFMo2TgM0PhmM0wLTLEkozbfzXSIjZW-IGPBeC5OVHwSbAYWnVnxDKTBLYqc-CC3nk6GmLfYYdG9g2pdCVlZ8LLzz3pSHp; Path=/; Domain=id.group-ib.com; Expires=Thu, 25 Nov 2021 18:01:57 GMT; Secure; SameSite=None
Content-Encoding
gzip
idgib-w-group-ib
sbbe.group-ib.ru/api/fl/ Frame
0
0
Other
General
Full URL
https://sbbe.group-ib.ru/api/fl/idgib-w-group-ib
Protocol
HTTP/1.1
Server
178.132.201.236 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-cfids
Origin
https://www.group-ib.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Date
Wed, 25 Nov 2020 18:01:57 GMT
Content-Type
text/plain
Content-Length
0
Connection
close
Access-Control-Allow-Origin
https://www.group-ib.com
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids
idgib-w-group-ib
sbbe.group-ib.ru/api/fl/
205 B
1 KB
XHR
General
Full URL
https://sbbe.group-ib.ru/api/fl/idgib-w-group-ib
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.132.201.236 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
bcb2244f3103cc3b82775c8c9481e78ce471b781a4da196cb58046af76d6cd52

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-cfids
-

Response headers

Date
Wed, 25 Nov 2020 18:01:57 GMT
Content-Encoding
gzip
Server
nginx
Etag
W/"9vaQRGkpCvpCLFvLqTTP8X8l1nlLn1HE4Lya3/K6D/XRrNbjia5OGoMzw13mExuuH1dqcIV9ea0DwRh9RNfSg/OL0HE7HemqHTmwwyeCaQQ0secCyMzj/u4xBgqy2k8YHkzQwNcTmLSJhkDMtOv6PMNV"
Vary
Accept-Encoding, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.group-ib.com
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids
visitWebPage
689-lre-818.mktoresp.com/webevents/
2 B
475 B
XHR
General
Full URL
https://689-lre-818.mktoresp.com/webevents/visitWebPage?_mchNc=1606327317178&_mchCn=&_mchId=689-LRE-818&_mchTk=_mch-group-ib.com-1606327317178-56554&_mchHo=www.group-ib.com&_mchPo=&_mchRu=%2Fmedia%2Fgib-report-2020%2F&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.213.193.62 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:57 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
X-Request-Id
eadd37be-f1d4-4ef7-9c64-40ba2f22cc60
pcyHXMdM
pbs.twimg.com/card_img/1331633082684887040/ Frame CEF6
22 KB
22 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331633082684887040/pcyHXMdM?format=jpg&name=600x314
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
4bdf9be793229209430b0d3aac7ecf804e8bf65e40c5e845387c63ae9073e58c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
5938
x-cache
HIT
content-length
22388
x-response-time
153
surrogate-key
card_img card_img/bucket/9 card_img/1331633082684887040
last-modified
Wed, 25 Nov 2020 16:15:22 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b55ee6c1725e63ea40100001dfc2840e
accept-ranges
bytes
33-20e3.png
abs.twimg.com/emoji/v2/72x72/ Frame CEF6
546 B
859 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/33-20e3.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F0A) /
Resource Hash
4ed5ae53456d55cc365d347c56a9296e8fb677e9d28a489204bc206b821d553f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
9070593
x-ton-expected-size
546
x-cache
HIT
content-length
546
x-response-time
12
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:44 GMT
server
ECAcc (frc/8F0A)
etag
"rhyQaw3vYbRqfZmOnRB2Aw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
9fef9e508d7181fe243fb9dcad2b7b15
accept-ranges
bytes
expires
Thu, 25 Nov 2021 18:01:57 GMT
MR-k5bw6
pbs.twimg.com/card_img/1331606359629049856/ Frame CEF6
54 KB
54 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331606359629049856/MR-k5bw6?format=jpg&name=600x314
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
76b58d4dfb551f4b8987d5deb3b0438c7a27fae9d020b924c96db8314560aea9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
12617
x-cache
HIT
content-length
55301
x-response-time
190
surrogate-key
card_img card_img/bucket/8 card_img/1331606359629049856
last-modified
Wed, 25 Nov 2020 14:29:10 GMT
server
ECS (fcn/40F7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1dbfdf3fb6e0d6ce74bc7a61f0404d03
accept-ranges
bytes
1f53d.png
abs.twimg.com/emoji/v2/72x72/ Frame CEF6
367 B
509 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f53d.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F21) /
Resource Hash
b1a70b88b8e804f974e49f25a9a77cb06938ada16b3cb8d69721fbae77091add
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
9070587
x-ton-expected-size
367
x-cache
HIT
content-length
367
x-response-time
13
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:26 GMT
server
ECAcc (frc/8F21)
etag
"2K3dLw1z6lsRyi05BpUoKw=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
30148c21f6823e890b839378bc0af07c
accept-ranges
bytes
expires
Thu, 25 Nov 2021 18:01:57 GMT
HRVaYj87
pbs.twimg.com/card_img/1331504616907943944/ Frame CEF6
6 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331504616907943944/HRVaYj87?format=jpg&name=144x144_2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
764cb9ee5ec87067ed22a08d0d1688546abc6eb1efc6cf816c0cdd2865371d33
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
24278
x-cache
HIT
content-length
6029
x-response-time
137
surrogate-key
card_img card_img/bucket/1 card_img/1331504616907943944
last-modified
Wed, 25 Nov 2020 07:44:53 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b56a5616d824bd1709490c06f9e7ce05
accept-ranges
bytes
GsrKwD6s
pbs.twimg.com/card_img/1331600680285564928/ Frame CEF6
11 KB
12 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331600680285564928/GsrKwD6s?format=jpg&name=280x280
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40D0) /
Resource Hash
7c3a49cd0ba5e1e990db284ef3ddeb1a7ddbda60383ae5ec58b61d8f4b69198e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
13974
x-cache
HIT
content-length
11663
x-response-time
146
surrogate-key
card_img card_img/bucket/9 card_img/1331600680285564928
last-modified
Wed, 25 Nov 2020 14:06:36 GMT
server
ECS (fcn/40D0)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
84e501036b297da910d071eadcdd0e73
accept-ranges
bytes
Os-O8ZiR
pbs.twimg.com/card_img/1331539263331078154/ Frame CEF6
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331539263331078154/Os-O8ZiR?format=png&name=144x144_2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash
7ed0024999a8771f7887d341f39d47ce56a124fe0de9c233fa749f1e137025c2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
28442
x-cache
HIT
content-length
2696
x-response-time
132
surrogate-key
card_img card_img/bucket/6 card_img/1331539263331078154
last-modified
Wed, 25 Nov 2020 10:02:33 GMT
server
ECS (fcn/40FC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
00e57d55fbb65bfc09279a0e13c5dfde
accept-ranges
bytes
2b07.png
abs.twimg.com/emoji/v2/72x72/ Frame CEF6
388 B
533 B
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/2b07.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F53) /
Resource Hash
11fc3f4ae99586ae01aec05dcf1954dc95024f8d63776d220a3b0187873e6eb0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
12720683
x-ton-expected-size
388
x-cache
HIT
content-length
388
x-response-time
11
surrogate-key
twitter-assets
last-modified
Thu, 16 Apr 2020 17:04:17 GMT
server
ECAcc (frc/8F53)
etag
"SALAWUsBYUywup5sSvc+YQ=="
strict-transport-security
max-age=631138519
content-type
image/png
access-control-allow-origin
*
x-connection-hash
519d9c76a258adffbd641a83d7c0abf4
accept-ranges
bytes
expires
Thu, 25 Nov 2021 18:01:57 GMT
545899479446758
connect.facebook.net/signals/config/
239 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/545899479446758?v=2.9.29&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
65579b2f0b8b8ad97c53d391e1326e506adda47662d2318218ca7ceff95f859d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
70275
x-xss-protection
0
pragma
public
x-fb-debug
9h/HLAvzyZm7X5cCukCF/A9TL1b+RSXwsvZFBCPdyCmr0UlIJOay1lFFjHCzbDecrYVYvvQzTQImHndUx7BtLA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 25 Nov 2020 18:01:57 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
205006343
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
378 B
Image
General
Full URL
https://www.facebook.com/tr/?id=2069478869985463&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&rl=&if=false&ts=1606327317212&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606327317211.1368578567&it=1606327316848&coo=false&rqm=GET
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 25 Nov 2020 18:01:57 GMT
timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/ Frame CEF6
53 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4195) /
Resource Hash
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:48 GMT
Server
ECS (fcn/4195)
Age
86305
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
platform.twitter.com/css/
53 KB
53 KB
Image
General
Full URL
https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4195) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 25 Nov 2020 18:01:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Oct 2020 21:49:48 GMT
Server
ECS (fcn/4195)
Age
86305
Etag
"fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
text/css; charset=utf-8
Content-Length
12144
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9103.deR3axWI8hdMlLYt1ycDIwHi33gL7GNVj5_w-X_Mo-wNPxZNsez4yM_yoR2Dep3S.gsIB6_cRu87jReRGrvq3tIadJTc%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9103.eoxbJOHdVSmwn6GK9f7CzHyIqVr6UBCWNl9udeWF9-WME9zHGB1GVr9zXHkLeVYkaewzP-b2DIE_5brGp5jWtcFQjqQVyx64a5IAsPsksh4%2C.4jNCKPe6DY6g1JaIKUMl2Hw6J1E%2C
43 B
332 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9103.eoxbJOHdVSmwn6GK9f7CzHyIqVr6UBCWNl9udeWF9-WME9zHGB1GVr9zXHkLeVYkaewzP-b2DIE_5brGp5jWtcFQjqQVyx64a5IAsPsksh4%2C.4jNCKPe6DY6g1JaIKUMl2Hw6J1E%2C
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9103.eoxbJOHdVSmwn6GK9f7CzHyIqVr6UBCWNl9udeWF9-WME9zHGB1GVr9zXHkLeVYkaewzP-b2DIE_5brGp5jWtcFQjqQVyx64a5IAsPsksh4%2C.4jNCKPe6DY6g1JaIKUMl2Hw6J1E%2C
date
Wed, 25 Nov 2020 18:01:57 GMT
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
pcyHXMdM
pbs.twimg.com/card_img/1331633082684887040/ Frame CEF6
22 KB
22 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331633082684887040/pcyHXMdM?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
4bdf9be793229209430b0d3aac7ecf804e8bf65e40c5e845387c63ae9073e58c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
5938
x-cache
HIT
content-length
22388
x-response-time
153
surrogate-key
card_img card_img/bucket/9 card_img/1331633082684887040
last-modified
Wed, 25 Nov 2020 16:15:22 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b55ee6c1725e63ea40100001dfc2840e
accept-ranges
bytes
MR-k5bw6
pbs.twimg.com/card_img/1331606359629049856/ Frame CEF6
54 KB
54 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331606359629049856/MR-k5bw6?format=jpg&name=600x314
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
76b58d4dfb551f4b8987d5deb3b0438c7a27fae9d020b924c96db8314560aea9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
12617
x-cache
HIT
content-length
55301
x-response-time
190
surrogate-key
card_img card_img/bucket/8 card_img/1331606359629049856
last-modified
Wed, 25 Nov 2020 14:29:10 GMT
server
ECS (fcn/40F7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1dbfdf3fb6e0d6ce74bc7a61f0404d03
accept-ranges
bytes
HRVaYj87
pbs.twimg.com/card_img/1331504616907943944/ Frame CEF6
6 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331504616907943944/HRVaYj87?format=jpg&name=144x144_2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
764cb9ee5ec87067ed22a08d0d1688546abc6eb1efc6cf816c0cdd2865371d33
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
24278
x-cache
HIT
content-length
6029
x-response-time
137
surrogate-key
card_img card_img/bucket/1 card_img/1331504616907943944
last-modified
Wed, 25 Nov 2020 07:44:53 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b56a5616d824bd1709490c06f9e7ce05
accept-ranges
bytes
GsrKwD6s
pbs.twimg.com/card_img/1331600680285564928/ Frame CEF6
11 KB
11 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331600680285564928/GsrKwD6s?format=jpg&name=280x280
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40D0) /
Resource Hash
7c3a49cd0ba5e1e990db284ef3ddeb1a7ddbda60383ae5ec58b61d8f4b69198e
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
13974
x-cache
HIT
content-length
11663
x-response-time
146
surrogate-key
card_img card_img/bucket/9 card_img/1331600680285564928
last-modified
Wed, 25 Nov 2020 14:06:36 GMT
server
ECS (fcn/40D0)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
84e501036b297da910d071eadcdd0e73
accept-ranges
bytes
Os-O8ZiR
pbs.twimg.com/card_img/1331539263331078154/ Frame CEF6
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331539263331078154/Os-O8ZiR?format=png&name=144x144_2
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/js/moment~timeline~tweet.ae149926685a43cb146e35371430188e.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash
7ed0024999a8771f7887d341f39d47ce56a124fe0de9c233fa749f1e137025c2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
28442
x-cache
HIT
content-length
2696
x-response-time
132
surrogate-key
card_img card_img/bucket/6 card_img/1331539263331078154
last-modified
Wed, 25 Nov 2020 10:02:33 GMT
server
ECS (fcn/40FC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
00e57d55fbb65bfc09279a0e13c5dfde
accept-ranges
bytes
PhjI9vq2_normal.jpg
pbs.twimg.com/profile_images/1318237034704719872/ Frame CEF6
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1318237034704719872/PhjI9vq2_normal.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40D1) /
Resource Hash
4cdb19491bc8a38d4f6b45be91e4897cc54cb3942ea6a5ae99d2af2cd54d3138
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
174412
x-cache
HIT
content-length
2263
x-response-time
117
surrogate-key
profile_images profile_images/bucket/1 profile_images/1318237034704719872
last-modified
Mon, 19 Oct 2020 17:04:15 GMT
server
ECS (fcn/40D1)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
549c919ed70c683ca590c05866625348
accept-ranges
bytes
ugonNwz9_normal.png
pbs.twimg.com/profile_images/1119139400988811264/ Frame CEF6
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1119139400988811264/ugonNwz9_normal.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41A2) /
Resource Hash
8f1980b715a96136c4974af52e4690e681329bb92ce80af1f52d1e4aeeeb8f68
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
75396
x-cache
HIT
content-length
3023
x-response-time
119
surrogate-key
profile_images profile_images/bucket/4 profile_images/1119139400988811264
last-modified
Fri, 19 Apr 2019 07:21:20 GMT
server
ECS (fcn/41A2)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
92de6c64cd6e078761a491d6234efd82
accept-ranges
bytes
yOwTDF9G_normal.jpg
pbs.twimg.com/profile_images/1308106203860529152/ Frame CEF6
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1308106203860529152/yOwTDF9G_normal.jpg
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40AD) /
Resource Hash
31507f73a2c904e73317979e82c8c4531befda90852ca9681ce9fd0a64f7c3f6
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
172319
x-cache
HIT
content-length
1883
x-response-time
119
surrogate-key
profile_images profile_images/bucket/8 profile_images/1308106203860529152
last-modified
Mon, 21 Sep 2020 18:07:57 GMT
server
ECS (fcn/40AD)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
ebf84fad526820495e52e8603b2da845
accept-ranges
bytes
4ae724ea6ed248d871bc9d523ae1c24e_normal.png
pbs.twimg.com/profile_images/3703513695/ Frame CEF6
7 KB
7 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/3703513695/4ae724ea6ed248d871bc9d523ae1c24e_normal.png
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4191) /
Resource Hash
c8d20f2ec4e0562596cd22bc91b00586d7fe77152cbfeb81db48b38274fdaf18
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
27862
x-cache
HIT
content-length
7190
x-response-time
125
surrogate-key
profile_images profile_images/bucket/2 profile_images/3703513695
last-modified
Thu, 04 Nov 2010 01:42:54 GMT
server
ECS (fcn/4191)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
4a7286bfcac75857ea04d911f2d5872d
accept-ranges
bytes
EnrYNrQXMAcrsSB
pbs.twimg.com/media/ Frame CEF6
73 KB
74 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnrYNrQXMAcrsSB?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418B) /
Resource Hash
db16c9ed3e4d3740ae92e0df4761e733bf86f44501f77d6866bc1f66d0247cc0
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
10707
x-cache
HIT
content-length
75154
x-response-time
127
surrogate-key
media media/bucket/9 media/1331614369302654983
last-modified
Wed, 25 Nov 2020 15:01:00 GMT
server
ECS (fcn/418B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5688c86653c6bb97ec63bb287c2ee954
accept-ranges
bytes
EnrWnhZW8AAn8rm
pbs.twimg.com/media/ Frame CEF6
31 KB
31 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnrWnhZW8AAn8rm?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41A7) /
Resource Hash
3af71b5d6657a687e21ee317f55052b8f7b4eb3d6af688911f750bc292e85fa7
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
11105
x-cache
HIT
content-length
31836
x-response-time
120
surrogate-key
media media/bucket/4 media/1331612614309376000
last-modified
Wed, 25 Nov 2020 14:54:02 GMT
server
ECS (fcn/41A7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
268b0f3792bda56992c55c8efb24bea1
accept-ranges
bytes
EnrU6XjXUAUhtBR
pbs.twimg.com/media/ Frame CEF6
45 KB
45 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnrU6XjXUAUhtBR?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4185) /
Resource Hash
486215088c2b2b8c4fe720eb678ad73d3f96cd7736226eadd94ce9fbba688438
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
11526
x-cache
HIT
content-length
46092
x-response-time
130
surrogate-key
media media/bucket/4 media/1331610739061248005
last-modified
Wed, 25 Nov 2020 14:46:34 GMT
server
ECS (fcn/4185)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
906c9d976cba2336a0b64cc7117eae9c
accept-ranges
bytes
EnqdxaBW4AAT8rn
pbs.twimg.com/media/ Frame CEF6
58 KB
58 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnqdxaBW4AAT8rn?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418B) /
Resource Hash
2ce88a4c132fa899f9ad519e9fec4b46fa5b060fb977451ce535c1cd44e6badd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
26014
x-cache
HIT
content-length
59317
x-response-time
122
surrogate-key
media media/bucket/7 media/1331550111965569024
last-modified
Wed, 25 Nov 2020 10:45:40 GMT
server
ECS (fcn/418B)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
329c5d2f488cd59d070a9d941d947395
accept-ranges
bytes
Enp4M8mXcAELYN3
pbs.twimg.com/media/ Frame CEF6
40 KB
40 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enp4M8mXcAELYN3?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4193) /
Resource Hash
602e880b343fb1c79ae40912708cdd09282facc224e40a28ffab9c65e1304ed2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
35852
x-cache
HIT
content-length
41037
x-response-time
121
surrogate-key
media media/bucket/8 media/1331508803662213121
last-modified
Wed, 25 Nov 2020 08:01:31 GMT
server
ECS (fcn/4193)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
bc00466e646e5998aaedb4440887b635
accept-ranges
bytes
Enp0LqkXYAApEXY
pbs.twimg.com/media/ Frame CEF6
47 KB
47 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enp0LqkXYAApEXY?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
d50052ffc71a6ae9ca82c4075b0247e6c8777b93d14dc9f00da20ae88a4c6b7d
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
36925
x-cache
HIT
content-length
48245
x-response-time
128
surrogate-key
media media/bucket/4 media/1331504383595601920
last-modified
Wed, 25 Nov 2020 07:43:57 GMT
server
ECS (fcn/41AE)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
dc00ed1962efcf0c1a725f2158436084
accept-ranges
bytes
Enpz7QfWMAApSLX
pbs.twimg.com/media/ Frame CEF6
31 KB
31 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enpz7QfWMAApSLX?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41AA) /
Resource Hash
2681ca9cb433647fe4b52cb847f5b1429af46ef6c49344885e7bd9503513af1b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
36995
x-cache
HIT
content-length
31672
x-response-time
116
surrogate-key
media media/bucket/6 media/1331504101717323776
last-modified
Wed, 25 Nov 2020 07:42:50 GMT
server
ECS (fcn/41AA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7af52fc5b3597ad9ff0283b95c7c92cd
accept-ranges
bytes
EnpzpspXMAAQEVG
pbs.twimg.com/media/ Frame CEF6
39 KB
39 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnpzpspXMAAQEVG?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EA) /
Resource Hash
9a53ec39604c2dd9a71ccae40d6b605145706d246cb6a56c8458edc04cd7a073
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
37065
x-cache
HIT
content-length
39777
x-response-time
114
surrogate-key
media media/bucket/2 media/1331503800037879808
last-modified
Wed, 25 Nov 2020 07:41:38 GMT
server
ECS (fcn/40EA)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
5e6d7cf6a67bf509be4894c05e7a6fc0
accept-ranges
bytes
Enpy3MfXEAE7Vc4
pbs.twimg.com/media/ Frame CEF6
45 KB
45 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enpy3MfXEAE7Vc4?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4192) /
Resource Hash
85489b6d743b3eb8eaf407d1f53d6e09220a8992ede1027a71c7aecc390059c1
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
37251
x-cache
HIT
content-length
45899
x-response-time
130
surrogate-key
media media/bucket/2 media/1331502932412534785
last-modified
Wed, 25 Nov 2020 07:38:11 GMT
server
ECS (fcn/4192)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
3f0308a6dcf446cfdb1298543816b0b4
accept-ranges
bytes
Enpyoz_XEAEmALG
pbs.twimg.com/media/ Frame CEF6
42 KB
42 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enpyoz_XEAEmALG?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B6) /
Resource Hash
3a4b2b4b5d39f970e20b721a6744a3ebe517a573422f92a7e1e09d613a86e3a3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
37349
x-cache
HIT
content-length
42645
x-response-time
119
surrogate-key
media media/bucket/4 media/1331502685317697537
last-modified
Wed, 25 Nov 2020 07:37:12 GMT
server
ECS (fcn/40B6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
a29d39178fa33780b2c177819fa5f609
accept-ranges
bytes
Enpyc6LXEAE5Dtb
pbs.twimg.com/media/ Frame CEF6
53 KB
54 KB
Image
General
Full URL
https://pbs.twimg.com/media/Enpyc6LXEAE5Dtb?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E6) /
Resource Hash
07ea5ec32802e3cbaa6e3de28ceff317b02a08f9590bdfddcc6f4c147d951106
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
37389
x-cache
HIT
content-length
54772
x-response-time
130
surrogate-key
media media/bucket/0 media/1331502480820211713
last-modified
Wed, 25 Nov 2020 07:36:24 GMT
server
ECS (fcn/40E6)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
90ef10d0645acabb13c437a7194d38d9
accept-ranges
bytes
EnpyEViXMAEmyQ1
pbs.twimg.com/media/ Frame CEF6
39 KB
39 KB
Image
General
Full URL
https://pbs.twimg.com/media/EnpyEViXMAEmyQ1?format=jpg&name=small
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4197) /
Resource Hash
c01844f5065f09e3173e5aea1e16252e4373b05c751651908ef272b6bb33fdbc
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
37458
x-cache
HIT
content-length
39635
x-response-time
120
surrogate-key
media media/bucket/2 media/1331502058667716609
last-modified
Wed, 25 Nov 2020 07:34:43 GMT
server
ECS (fcn/4197)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7058aa73d97f85f76922b40de3c85b57
accept-ranges
bytes
/
www.facebook.com/tr/
44 B
100 B
Image
General
Full URL
https://www.facebook.com/tr/?id=545899479446758&ev=PageView&dl=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&rl=&if=false&ts=1606327317253&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606327317211.1368578567&it=1606327316848&coo=false&rqm=GET
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 25 Nov 2020 18:01:57 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/ Frame CEF6
44 KB
7 KB
Stylesheet
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603278
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
8
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
20d7f24a83ba564692ad892413299ad4
accept-ranges
bytes
expires
Wed, 02 Dec 2020 18:01:57 GMT
syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
ton.twimg.com/tfw/css/
44 KB
44 KB
Image
General
Full URL
https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC6) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603278
x-ton-expected-size
45170
x-cache
HIT
vary
Accept-Encoding
content-length
6839
x-response-time
8
surrogate-key
tfw
last-modified
Tue, 14 May 2019 18:53:54 GMT
server
ECAcc (frc/8FC6)
etag
"4mhImCFS9rptiUICNnLD1g=="
strict-transport-security
max-age=631138519
content-type
text/css
access-control-allow-origin
*
x-connection-hash
20d7f24a83ba564692ad892413299ad4
accept-ranges
bytes
expires
Wed, 02 Dec 2020 18:01:57 GMT
truncated
/ Frame CEF6
512 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame CEF6
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame CEF6
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame CEF6
644 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame CEF6
739 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame CEF6
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ Frame CEF6
607 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
059d7f76a7662405100374530359da8f439f4b945864fafab45b834320a429e2

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
getForm
app-lon09.marketo.com/index.php/form/
4 KB
2 KB
Script
General
Full URL
https://app-lon09.marketo.com/index.php/form/getForm?munchkinId=689-LRE-818&form=1673&url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&callback=jQuery1124029940995999553444_1606327317185&_=1606327317186
Requested by
Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3db58934d4f73f1b2b99587221a8271b6e1a0a3fa655a2a90f36ad275c30309
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cached
false
strict-transport-security
max-age=63113904
cf-ray
5f7d47259911edb3-CDG
cf-request-id
06a22acb7f0000edb379a08000000001
pcyHXMdM
pbs.twimg.com/card_img/1331633082684887040/ Frame CEF6
22 KB
22 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331633082684887040/pcyHXMdM?format=jpg&name=600x314
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
4bdf9be793229209430b0d3aac7ecf804e8bf65e40c5e845387c63ae9073e58c
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
5938
x-cache
HIT
content-length
22388
x-response-time
153
surrogate-key
card_img card_img/bucket/9 card_img/1331633082684887040
last-modified
Wed, 25 Nov 2020 16:15:22 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b55ee6c1725e63ea40100001dfc2840e
accept-ranges
bytes
MR-k5bw6
pbs.twimg.com/card_img/1331606359629049856/ Frame CEF6
54 KB
54 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331606359629049856/MR-k5bw6?format=jpg&name=600x314
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40F7) /
Resource Hash
76b58d4dfb551f4b8987d5deb3b0438c7a27fae9d020b924c96db8314560aea9
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
12617
x-cache
HIT
content-length
55301
x-response-time
190
surrogate-key
card_img card_img/bucket/8 card_img/1331606359629049856
last-modified
Wed, 25 Nov 2020 14:29:10 GMT
server
ECS (fcn/40F7)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
1dbfdf3fb6e0d6ce74bc7a61f0404d03
accept-ranges
bytes
25634039
mc.yandex.ru/watch/
167 B
202 B
XHR
General
Full URL
https://mc.yandex.ru/watch/25634039?wmode=7&page-url=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A1oc1oo18ia0xks%3Afp%3A780%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A282%3Acn%3A1%3Adp%3A0%3Als%3A0%3Ahid%3A47540071%3Az%3A60%3Ai%3A20201125190156%3Aet%3A1606327317%3Ac%3A1%3Arn%3A525286801%3Arqn%3A1%3Au%3A16063273171014210371%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1606327315886%3Ads%3A11%2C63%2C201%2C2%2C209%2C0%2C%2C358%2C2%2C%2C%2C%2C849%3Adsn%3A11%2C64%2C201%2C1%2C209%2C0%2C%2C362%2C2%2C%2C%2C%2C850%3Arqnl%3A1%3Aadb%3A2%3App%3A3629563401%3Ati%3A1%3Ast%3A1606327317%3At%3AGroup-IB%20reveals%20its%20cyberthreat%20forecast%20for%20the%20coming%20year%20%E2%80%93%20Global%20Cyber%20Security%20Company%20%E2%80%93%20Group-IB
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
f10af0f9f1114d7b234cb396a16bd880d455d967020940f4d5aa9175c2b08bf0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
last-modified
Wed, 25-Nov-2020 18:01:57 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.group-ib.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Wed, 25-Nov-2020 18:01:57 GMT
HRVaYj87
pbs.twimg.com/card_img/1331504616907943944/ Frame CEF6
6 KB
6 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331504616907943944/HRVaYj87?format=jpg&name=144x144_2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40EB) /
Resource Hash
764cb9ee5ec87067ed22a08d0d1688546abc6eb1efc6cf816c0cdd2865371d33
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
24278
x-cache
HIT
content-length
6029
x-response-time
137
surrogate-key
card_img card_img/bucket/1 card_img/1331504616907943944
last-modified
Wed, 25 Nov 2020 07:44:53 GMT
server
ECS (fcn/40EB)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
b56a5616d824bd1709490c06f9e7ce05
accept-ranges
bytes
Os-O8ZiR
pbs.twimg.com/card_img/1331539263331078154/ Frame CEF6
3 KB
3 KB
Image
General
Full URL
https://pbs.twimg.com/card_img/1331539263331078154/Os-O8ZiR?format=png&name=144x144_2
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40FC) /
Resource Hash
7ed0024999a8771f7887d341f39d47ce56a124fe0de9c233fa749f1e137025c2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
x-content-type-options
nosniff
age
28442
x-cache
HIT
content-length
2696
x-response-time
132
surrogate-key
card_img card_img/bucket/6 card_img/1331539263331078154
last-modified
Wed, 25 Nov 2020 10:02:33 GMT
server
ECS (fcn/40FC)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
00e57d55fbb65bfc09279a0e13c5dfde
accept-ranges
bytes
/
www.facebook.com/tr/
0
84 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryApmipZx2gzOBLBhJ

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 25 Nov 2020 18:01:57 GMT
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ Frame 647E
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3460
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.group-ib.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.group-ib.com/media/gib-report-2020/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=0IyYexFCIXPF7UWx1..BfvpwV...1.0.BfvpwV.
Upgrade-Insecure-Requests
1
Origin
https://www.group-ib.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.group-ib.com/media/gib-report-2020/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date
Wed, 25 Nov 2020 18:01:57 GMT
/
www.facebook.com/tr/
0
30 B
Other
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryBFNArUtLl3g0AYGH

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Wed, 25 Nov 2020 18:01:57 GMT
content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
/
www.facebook.com/tr/ Frame 98A0
0
0
Document
General
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
3459
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.group-ib.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.group-ib.com/media/gib-report-2020/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=0IyYexFCIXPF7UWx1..BfvpwV...1.0.BfvpwV.
Upgrade-Insecure-Requests
1
Origin
https://www.group-ib.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.group-ib.com/media/gib-report-2020/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.group-ib.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-length
0
server
proxygen-bolt
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date
Wed, 25 Nov 2020 18:01:57 GMT
forms2.css
app-lon09.marketo.com/js/forms2/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://app-lon09.marketo.com/js/forms2/css/forms2.css
Requested by
Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2864
vary
Accept-Encoding
content-length
2623
cf-request-id
06a22acd2c0000edb38c1a1000000001
last-modified
Mon, 12 Oct 2020 17:13:35 GMT
server
cloudflare
etag
"242671-3437-5b17c6b21edc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5f7d47284ef6edb3-CDG
expires
Wed, 25 Nov 2020 22:01:57 GMT
forms2-theme-simple.css
app-lon09.marketo.com/js/forms2/css/
826 B
393 B
Stylesheet
General
Full URL
https://app-lon09.marketo.com/js/forms2/css/forms2-theme-simple.css
Requested by
Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 25 Nov 2020 18:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
2864
vary
Accept-Encoding
content-length
242
cf-request-id
06a22acd2d0000edb3782df000000001
last-modified
Mon, 12 Oct 2020 17:13:35 GMT
server
cloudflare
etag
"d8167e-33a-5b17c6b21edc0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
5f7d47284ef9edb3-CDG
expires
Wed, 25 Nov 2020 22:01:57 GMT
jot.html
platform.twitter.com/ Frame 4D65
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0
Document
General
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/media/gib-report-2020/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40D1) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://www.group-ib.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
86304
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Nov 2020 18:01:57 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40D1)
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
80

Redirect headers

cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Wed, 25 Nov 2020 18:01:57 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Wed, 25 Nov 2020 18:01:57 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_o
status
302 Found
strict-transport-security
max-age=631138519
x-connection-hash
be27c99161a94b2a631b48d865725cb9
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
133
x-transaction
00d95159004a1e62
x-tsa-request-body-time
3
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
XDFrame
app-lon09.marketo.com/index.php/form/ Frame E42E
0
0
Document
General
Full URL
https://app-lon09.marketo.com/index.php/form/XDFrame
Requested by
Host: app-lon09.marketo.com
URL: https://app-lon09.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
app-lon09.marketo.com
:scheme
https
:path
/index.php/form/XDFrame
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.group-ib.com/media/gib-report-2020/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=05f24a2244a9f545a4121cd2af65597e29d013da-1606327316-1800-AT5XW9yjezROViwgYEraTiyeDa1ShJsM1dks0HFyMrLWZKmj7Nk5GNhn6zLTxi7lQ22CQ3RBdvmZzCAmCaPvpBE=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.group-ib.com/media/gib-report-2020/

Response headers

date
Wed, 25 Nov 2020 18:01:58 GMT
content-type
text/html; charset=utf-8
content-length
653
set-cookie
__cfduid=d2dd2663cc384a1cf9ddc9650bb2320111606327317; expires=Fri, 25-Dec-20 18:01:57 GMT; path=/; domain=.app-lon09.marketo.com; HttpOnly; SameSite=Lax RSMKTO1=3204520876.47617.0000; path=/; Httponly; Secure
cache-control
max-age=3600
strict-transport-security
max-age=63113904
x-content-type-options
nosniff
vary
Accept-Encoding
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-request-id
06a22acda00000edb3df34f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5f7d4728f937edb3-CDG
like.php
www.facebook.com/v2.3/plugins/ Frame 2547
0
0
Document
General
Full URL
https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df251d77613c1e9%26domain%3Dwww.group-ib.com%26origin%3Dhttps%253A%252F%252Fwww.group-ib.com%252Ff142f6771f7eeb%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&layout=button_count&locale=ru_RU&sdk=joey&share=false&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=118d9dcb5e21ba0d88956e18eb06fc69&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df251d77613c1e9%26domain%3Dwww.group-ib.com%26origin%3Dhttps%253A%252F%252Fwww.group-ib.com%252Ff142f6771f7eeb%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.group-ib.com%2Fmedia%2Fgib-report-2020%2F&layout=button_count&locale=ru_RU&sdk=joey&share=false&show_faces=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.group-ib.com/media/gib-report-2020/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
fr=0IyYexFCIXPF7UWx1..BfvpwV...1.0.BfvpwV.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.group-ib.com/media/gib-report-2020/

Response headers

vary
Accept-Encoding
pragma
no-cache
x-content-type-options
nosniff
content-encoding
br
strict-transport-security
max-age=15552000; preload
x-xss-protection
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v3.2
cache-control
private, no-cache, no-store, must-revalidate
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
x-fb-debug
H7B80D2JQClH0ZcNj4e+ixb2SiytyO49oeoXqXI6H53d+rIhIh5GDAnD7GfcCHAYKV+mhzCqh5A8hWgv5eaClw==
date
Wed, 25 Nov 2020 18:01:58 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
fl
sbbe.group-ib.ru/api/
677 B
1 KB
XHR
General
Full URL
https://sbbe.group-ib.ru/api/fl?u=7694221310&mv=2&cfidsgib-w-group-ib=9vaQRGkpCvpCLFvLqTTP8X8l1nlLn1HE4Lya3%2FK6D%2FXRrNbjia5OGoMzw13mExuuH1dqcIV9ea0DwRh9RNfSg%2FOL0HE7HemqHTmwwyeCaQQ0secCyMzj%2Fu4xBgqy2k8YHkzQwNcTmLSJhkDMtOv6PMNV
Requested by
Host: www.group-ib.com
URL: https://www.group-ib.com/main_26755_76942213_449_1578.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
178.132.201.236 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
d2077a63b5653027b3e86984c323ba2bfb4c9f1466c78df8fd4db6d465568912

Request headers

Referer
https://www.group-ib.com/media/gib-report-2020/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 25 Nov 2020 18:01:58 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://www.group-ib.com
Cache-Control
no-store
Transfer-Encoding
chunked
Connection
close
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Accept,DNT,Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Origin,ETag,If-None-Match,X-Cfids

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer object| VK function| $ function| jQuery object| picturefillCFG function| picturefill object| conf object| __core-js_shared__ object| Sslac object| IN object| __twttrll object| twttr object| __twttr object| google_tag_manager function| _classCallCheck function| executeFunctionByName function| _createClass object| landing object| competitorDomains object| publicDomains function| Tiles function| Action object| actions function| CubicGallery function| CubicGallery2 function| Parallax function| Popup function| SelectThis function| CubicForm function| CubicSticky function| SwipeDetector function| CubicSwitcher function| CubicTabs function| ChangeForm function| ClipboardJS function| raf object| gacid object| gaClientId object| FB function| Accordeon function| EmailsBase function| wr function| Cookies function| CrmForm function| Marketo function| metrics object| News object| showMore object| News2 function| PollForm function| fillPoll function| share_vacancy_fb function| share_vacancy_tw function| ShowMore2 function| CubicTags function| Test function| Tumbler function| initTumbler function| Unsubscribe object| google_tag_data string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| fbq function| _fbq object| popups function| initCrmForms object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk object| Ya object| yaCounter25634039 boolean| __c4e38641cee8933a85d80167b637f7b5__ function| gibSetAttribute function| gibSetAttributeCallback function| gibRemoveAttribute function| gibHash function| gibEncrypt object| gib string| __guc__1.0.0 function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| google_optimize object| MunchkinTracker object| MktoForms2 object| marketoForms object| _this object| jQuery1124029940995999553444

16 Cookies

Domain/Path Name / Value
.group-ib.com/ Name: cfidsgib-w-group-ib
Value: 9vaQRGkpCvpCLFvLqTTP8X8l1nlLn1HE4Lya3/K6D/XRrNbjia5OGoMzw13mExuuH1dqcIV9ea0DwRh9RNfSg/OL0HE7HemqHTmwwyeCaQQ0secCyMzj/u4xBgqy2k8YHkzQwNcTmLSJhkDMtOv6PMNV
.group-ib.com/ Name: _ym_visorc
Value: w
.group-ib.com/ Name: _fbp
Value: fb.1.1606327317211.1368578567
.group-ib.com/ Name: _ym_d
Value: 1606327317
.id.group-ib.com/ Name: gcfids
Value: hgFH-7QTZYOHWsS0i1V0dsJ-Hq6w6sJFMo2TgM0PhmM0wLTLEkozbfzXSIjZW-IGPBeC5OVHwSbAYWnVnxDKTBLYqc-CC3nk6GmLfYYdG9g2pdCVlZ8LLzz3pSHp
.group-ib.com/ Name: _ym_uid
Value: 16063273171014210371
.group-ib.com/ Name: _gid
Value: GA1.2.593631676.1606327317
.group-ib.com/ Name: bpmTrackingId
Value: be7f700f-bcf0-2a76-94f1-98dbb4841fd8
.app-lon09.marketo.com/ Name: __cf_bm
Value: 05f24a2244a9f545a4121cd2af65597e29d013da-1606327316-1800-AT5XW9yjezROViwgYEraTiyeDa1ShJsM1dks0HFyMrLWZKmj7Nk5GNhn6zLTxi7lQ22CQ3RBdvmZzCAmCaPvpBE=
.group-ib.com/ Name: _mkto_trk
Value: id:689-LRE-818&token:_mch-group-ib.com-1606327317178-56554
.group-ib.com/ Name: _dc_gtm_UA-25492706-2
Value: 1
.group-ib.com/ Name: _ga
Value: GA1.2.887843919.1606327317
.group-ib.com/ Name: _ym_isad
Value: 2
.group-ib.com/ Name: bpmHref
Value: https://www.group-ib.com/media/gib-report-2020/
.group-ib.com/ Name: bpmRef
Value:
www.group-ib.com/ Name: PHPSESSID
Value: noo6f38o5uko0kim2s6gjudmg3

3 Console Messages

Source Level URL
Text
console-api debug URL: https://hubspot.fedscoop.com/e2t/tc/VWv-KC1dWnlfW66SH8c5dhFz5W8wLjj94jRGkDN3X6VGh2-GZwV1-WJV7CgVykW1xtm4D6by3Q3W6WpqYQ5sCs7jW4vyj9P4xMcWfVK270y3J6x3kW2x4dKp6_Ww1rW7RPvCY128P-bW8FsZ3s72GhHZW8x1P_72xDCSxN53ThmrRyhtPW8wqsML8Jl_gYW9m57g-3q1rLNW4_fzgs5RsV2yW63zF_V57ZcV5N1kRdSbM1RQXW5_4KVn3YsP9BW442KNz6LY7SG3qdm1(Line 13)
Message:
toS
console-api log URL: https://www.group-ib.com/media/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api warning URL: https://www.group-ib.com/javascripts/all-3e59e9cb.js(Line 26)
Message:
The Facebook JSSDK is more than 7 days old.

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains, and hashes. Their appearance here does not imply that any of them indicate malicious activity.
