netenrich.com Open in urlscan Pro
2606:4700::6812:1dd4  Public Scan

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

• https://unpkg.com/default-passive-events HTTP 302
• https://unpkg.com/default-passive-events@2.0.0 HTTP 302
• https://unpkg.com/default-passive-events@2.0.0/dist/index.umd.js

Request Chain 65

• https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=326434714387&containerType=EMBEDDED&portalId=128884&audienceId=null&pageUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&pageTitle=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F124.0.0.0+Safari%2F537.36&pageId=131497384969 HTTP 307
• https://static.hubspot.com/img/trackers/blank001.gif HTTP 301
• https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

Request Chain 66

• https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=326434647444&containerType=EMBEDDED&portalId=128884&audienceId=null&campaignId=26dca121-75bf-48e4-8158-79ada2498518&pageUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&pageTitle=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F124.0.0.0+Safari%2F537.36&pageId=131497384969 HTTP 307
• https://static.hubspot.com/img/trackers/blank001.gif HTTP 301
• https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

Request Chain 90

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D113428%26time%3D1715505338834%26url%3Dhttps%253A%252F%252Fnetenrich.com%252Fblog%252Fdiscovering-the-adhubllka-ransomware-family%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true&e_ipv6=AQKm6rRp9uIvmgAAAY9sFhwtra1OlCSc7DwpmL9tk_w21b5hGzrPlxYCntlU4zYq

Request Chain 115

• https://c.clarity.ms/c.gif HTTP 302
• https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5EB011A73C81410BB2F961990818CA15&RedC=c.clarity.ms&MXFR=3A326E1C77F264261F5C7A6173F26A39 HTTP 302
• https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5EB011A73C81410BB2F961990818CA15&MUID=3643829852926AFB0AC896E5533E6B19

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request discovering-the-adhubllka-ransomware-family Show response netenrich.com/blog/	229 KB 34 KB	133ms 98ms	Document text/html	2606:4700::6812:1dd4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b3ceb57a15afcdc784cdbaf75407927ddfc89b795f54bcedc7bcbe5304be45f1 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control s-maxage=10800, max-age=0 cf-ray 88294e295f170414-FRA content-encoding br content-security-policy upgrade-insecure-requests content-type text/html; charset=UTF-8 date Sun, 12 May 2024 09:15:37 GMT edge-cache-tag CT-131497384969,CG-128884,CG-333284061,P-128884,W-76605222706,CW-102551015997,CW-109981603486,CW-146212862572,CW-89841304858,CW-94707865239,E-137783202451,E-89832012173,E-89832145677,E-89832528536,E-89832529306,E-89840403873,E-89840555887,E-89840581256,E-89840853842,E-90055683725,E-90056481369,E-90058492740,E-95437070235,MENU-103236192906,MENU-76605222706,PGS-ALL,SW-3,B-333284061,GC-102551218067,GC-109982188345,GC-90074376205,TS-90055265808 etag W/"a9fa06696f629537858d80b0f014098a" last-modified Sat, 11 May 2024 07:21:17 GMT link </hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js>; rel=preload; as=script,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} referrer-policy no-referrer-when-downgrade report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u5ttij5Nv7WVmItUbIpEqoE0u5jBXXTS1sR2Ek3yC3k4AWifGDuIoDmgYCZftuJ2N1t2igByZNBWISXUKLORDFKt1k7eH5C%2BTpEhJBGnHVLxINqmwjX0sWajKP6571i5x5r6oQLWLu2ZwCM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000 vary Accept-Encoding x-hs-cache-config BrowserCache-5s-EdgeCache-180s x-hs-cache-control s-maxage=10800, max-age=0 x-hs-cf-cache-status REVALIDATED x-hs-content-id 131497384969 x-hs-hub-id 128884 x-hs-prerendered Sat, 11 May 2024 07:21:17 GMT
GET H2	200	comment_listing_asset.js Show response netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/js/	8 KB 3 KB	54ms 53ms	Script application/javascript	2606:4700::6812:1dd4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 043cfebfa4ec302e0368eadbae54853a5b6caff633b3d1e02a32f2cd2f71e1fd Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 5157162 x-amz-cf-pop FRA60-P6 x-amz-server-side-encryption AES256 x-amz-version-id 4D3b_.jtdSCbU1XTktruWk73HT0wxWk7 content-encoding br x-cache RefreshHit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Fri, 17 Dec 2021 15:26:09 GMT server cloudflare etag W/"2455723721db341ff86a4f64384a9c0d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YucKopdfGknZCRHS1I4nFNJ%2Bv4ySLjNv%2Fk34BrRKUjlMefGt5uRr5kYWH1fYV8mqluahAnq06jUIAdcx%2B6FB951sPEbXXm9HHDy1jXIvx6suLem52kkNbeR%2F%2B9faNx8br455bPA88NbKyYo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 88294e2a481a0414-FRA x-amz-cf-id 6SmNihRw2v6OZ6Ff6phKMBZ9HEpfVh06-28-JoPc8YgLNigOUmbBKw== expires Mon, 12 May 2025 09:15:37 GMT
GET H2	200	project.js Show response netenrich.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/	2 KB 952 B	50ms 49ms	Script application/javascript	2606:4700::6812:1dd4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 93c19401e4c3042840b49b10b9478098.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 5147666 x-amz-cf-pop VIE50-P2 x-amz-server-side-encryption AES256 x-amz-version-id gEenO44eZUewxnIWfgj9q6LB.g9OszNv content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Wed, 19 Aug 2020 22:24:11 GMT server cloudflare etag W/"ef84f26c310485299d6b75777414eddb" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ce%2BPBqwQO3AH4ecTjfNAUoCJKtOitffdSnpLiZf%2BRGWUbIWLq6WHANjUgyWIg%2BvxRO%2FDh%2BgfcX1mDQ82EtylbtElZAv2g59SjESZGi%2F9dB8x7Ein1Y50LnCbM0OhUuoYw2gUZD3iYHS8szo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 88294e2a481c0414-FRA x-amz-cf-id taibrJxhl0Pv-g2kLxYdkl-I0t1gMNjDW9iJ8n3fVTWw3x2RnykuiQ== expires Mon, 12 May 2025 09:15:37 GMT
GET H2	200	project.js Show response netenrich.com/hs/hsstatic/cos-i18n/static-1.53/bundles/	1 KB 1 KB	51ms 51ms	Script application/javascript	2606:4700::6812:1dd4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 5161363 x-amz-cf-pop FRA56-P2 x-amz-server-side-encryption AES256 x-amz-version-id P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Tue, 09 Nov 2021 16:12:42 GMT server cloudflare etag W/"61ca66de658cab9587e4636894680d5d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nqfts2HEF47GcJ7g0rg9TLEKUtb6PbgAKWeijiYsAq2Y4tx8BTK1iVhPPbjPgdA60ELFTlvNevgwKjgjDJAZFQk5yB79gcWT5IhcYEjPCkybGJPKvC7dtXUeo5qlXpxrNpJoVrLZRucai6w%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 88294e2a48200414-FRA x-amz-cf-id vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ== expires Mon, 12 May 2025 09:15:37 GMT
GET H2	200	v2.js Show response netenrich.com/_hcms/forms/	482 KB 161 KB	62ms 61ms	Script application/javascript	2606:4700::6812:1dd4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/_hcms/forms/v2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f171db8dc0eb7cec86c84ceac278dbf2fbe33770334635a2703186d14f4828b2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests content-encoding br age 5 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5064/bundles/project-v2.js&cfRay=88294e0ba2b71c97-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"b0047a8901d8ed9f81db3dcb5982114e" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control s-maxage=600, max-age=300 x-hs-target-asset forms-embed/static-1.5064/bundles/project-v2.js date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff x-amz-version-id 4lHA5dnNobe4YqKec9CE2kPtPUzRSBNR x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id 127850c4-1e39-4862-9b7c-a68dd46f1e3e x-cache Hit from cloudfront cache-tag staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod x-envoy-upstream-service-time 3 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 127850c4-1e39-4862-9b7c-a68dd46f1e3e last-modified Wed, 03 Apr 2024 11:15:05 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FamjWNoksNSu3PQQdgGySpBxnyx9hC9XCXC%2FV9tnr176neY%2F1bPQLGboMv78IKB8la6%2BdSBuB3rLrddT4BFSaI6achOR1f0vBHpZ%2B3vB4XMCTXIj5HLKrZDZUvnsOvN7umwVUJemVeUJBoo%3D"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-rl62l cf-ray 88294e2a48220414-FRA x-amz-cf-id EcvJmco_oSDuwfvqCHeTIWtIVkHaBywAXicW8D8Mdk0vPxZ2P_Pmiw==
GET H2	200	jquery-1.11.2.js Show response netenrich.com/hs/hsstatic/jquery-libs/static-1.4/jquery/	94 KB 35 KB	46ms 44ms	Script application/javascript	2606:4700::6812:1dd4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 6e4ed2b1996ce238462d61d3bfff667a.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 5157167 x-amz-cf-pop FRA60-P6 x-amz-version-id null content-encoding br x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Thu, 08 Jan 2015 18:08:00 GMT server cloudflare etag W/"5790ead7ad3ba27397aedfa3d263b867" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q9GjJVevcajylyviKEy8YW1QV8m1gFfzFe6OeHNoOKh1oQ4MdDZ%2FTwR0QlaSy6L5Kvhg8DonML4%2FvUO2aB2MbqWYEEHODwurrqdtam1sReXTQMF6v8NHbHVoTcP4kaz4c%2FuOIzUx5v4Vgo0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 88294e2a48230414-FRA x-amz-cf-id _VPhB2fj6nD8GmDi5P1RjtbJ90x1_wBuPNZ3kKqZu_uI9uBtiNlMWA== expires Mon, 12 May 2025 09:15:37 GMT
GET H3	200	main-head.min.css cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840403873/1687914918034/CLEAN-6-1-Child-Netenrich/css/	98 KB 18 KB	87ms 61ms	Stylesheet text/css	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840403873/1687914918034/CLEAN-6-1-Child-Netenrich/css/main-head.min.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eb24743a033792831ff70d2da0f339190c21eb879d8194d7569a358354a091de Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2557822 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"062e49d13e171949cbdbcdcc6312bbcb" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * x-amz-meta-created-unix-time-millis 1687914919015 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 6d222ffc-db46-495f-861d-8db56d5caf37 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 200 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 6d222ffc-db46-495f-861d-8db56d5caf37 last-modified Wed, 28 Jun 2023 01:15:20 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JGKrv5d411Wl9NQPZdhV0EbHDsur7SBfphrE8gvlEeRo3FqPQfkJecgmSt%2FAMOr0tuztWyEkFyqvjhGzjCL4jnFgYRPuvsUICff%2B537K6UVJXP2i7tb8kHkO%2BMa0KrCPWN8%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-c8b596779-fckn5 cf-ray 88294e2a6abd37d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	main-foot.min.css cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/	113 KB 17 KB	86ms 60ms	Stylesheet text/css	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/main-foot.min.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f2b1d32241758db7748beef6f79403c974a780b30aef31fc2c5599bc5c9bae1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2537314 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"10bd1277eb87df74d9c0eeb9d77f204b" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * x-amz-meta-created-unix-time-millis 1687914925388 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id a90c332c-66ef-4f58-9425-c8b6bd9af3d7 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 181 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id a90c332c-66ef-4f58-9425-c8b6bd9af3d7 last-modified Wed, 28 Jun 2023 01:15:26 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ep%2BLNNR0pUG9emr%2FXK%2BeUWyEyN7p3GJNfF9FjBI3o9FgcjQfDUOxOhhMmrwye%2FopDhwIxND1C31qufT6DMsIfG9duzEPxScLU3fIHtwWao1q3th5GMfXPBBdgV67dNjCNxE%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6 cf-ray 88294e2a6abf37d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	child.css cdn2.hubspot.net/hub/128884/hub_generated/template_assets/90056481369/1712214461319/CLEAN-6-1-Child-Netenrich/	49 KB 12 KB	99ms 72ms	Stylesheet text/css	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/90056481369/1712214461319/CLEAN-6-1-Child-Netenrich/child.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 161d6a157535d0afd8e8ce4688b7c8b7249daac92e0b4259453dfdd6e6351fae Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 820168 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status PENDING x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"aed0e32e3850968113165f6f49c8be2b" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * x-amz-meta-created-unix-time-millis 1712214461319 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 8093be52-b6f9-4b14-9535-9b5a720930cc x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 219 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 8093be52-b6f9-4b14-9535-9b5a720930cc last-modified Thu, 04 Apr 2024 07:07:42 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gKm7skY5OAJLTYex87YUYl08u1rQzQzKmV57EYTTJozB%2FFo%2BwJCdw%2Bh7OE346CiDOECj0uaoXkwv%2Bi2YHAcpY%2FZDE3INRDAucrrCLSqBjFA2PZiRIB8ojQZFgqzVkdO8%2BD8%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-8lkkj cf-ray 88294e2a6ac237d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	global-header-v2.min.css cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832012173/1687914910733/CLEAN-6-1-Child-Netenrich/css/modules/	19 KB 5 KB	102ms 76ms	Stylesheet text/css	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832012173/1687914910733/CLEAN-6-1-Child-Netenrich/css/modules/global-header-v2.min.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 151fbdbb420761759cb84fb37f0765faaa24dd3a10cdb7ff54f9029a8f92c1d0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2537314 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"348ab221490473ed3a2d4d45bc5543c8" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * x-amz-meta-created-unix-time-millis 1687914911455 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 43094045-c11e-4889-9e1d-44621df851fd x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 201 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 43094045-c11e-4889-9e1d-44621df851fd last-modified Wed, 28 Jun 2023 01:15:12 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BL6uBvXBzgNipAp8l6LGw8knRfLglsyJcnEMzCCRU2SPZR%2BtPPoV77O2jNvS7WdGAPzu3s7L0Sel0oqII%2FHkpQRz6gMPZJSh%2B5%2BQqXyw0unVh0hbz9KVw6qZ6%2FIirTocdPk%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-b79697d9-hfljm cf-ray 88294e2a6ac537d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	global-footer.min.css cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832145677/1687914918914/CLEAN-6-1-Child-Netenrich/css/modules/	4 KB 2 KB	88ms 62ms	Stylesheet text/css	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832145677/1687914918914/CLEAN-6-1-Child-Netenrich/css/modules/global-footer.min.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae59996935bc4d38092cdfcb128911966ba6dc228867f83eeb77a6bfaf3976f3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2557822 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"6888ac6feabc8e51df9159a15eb9711b" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * x-amz-meta-created-unix-time-millis 1687914919551 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id e8171f4d-0012-47ee-81b7-b2f021d7e501 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 210 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id e8171f4d-0012-47ee-81b7-b2f021d7e501 last-modified Wed, 28 Jun 2023 01:15:20 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ejvLjL1iwNa%2F%2FoQz7BeDuV0JUi%2Fa%2F4Kga9IvIlNnr9NtsCw7b67pPeRpngVmk98cRIj%2FJuZgNnXpcuUxXJ290y9A9zbDQRB8EhW9V0TbRYnEjoTJSPw1H4ZpI6tTw6hHZs%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z cf-ray 88294e2a6ac437d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	module_94707865239_Menu_Top_Blog_Categories.min.css cdn2.hubspot.net/hub/128884/hub_generated/module_assets/94707865239/1688586631715/	3 KB 2 KB	104ms 77ms	Stylesheet text/css	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/module_assets/94707865239/1688586631715/module_94707865239_Menu_Top_Blog_Categories.min.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 12ba54a7acc0e192734c0985cfd00c04f3447c19ddffc9619b67cac107456f57 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2553045 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"6a8df27406af1125d355a64fa9a3d6e7" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * x-amz-meta-created-unix-time-millis 1688586631715 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 3f9f2893-8a7c-4b28-b047-c318d3fac882 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 158 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 3f9f2893-8a7c-4b28-b047-c318d3fac882 last-modified Wed, 05 Jul 2023 19:50:32 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7q9cIKxz%2Fib03Ui%2BkRR%2BMDvNSl7u3Xk5eWmGAIaGW9xCIEf4axdfMG49OPgS9oDlauj0nptaXc%2BsEiNwoo8v6yxomDqgAt4ESa2a3Hs%2FW%2FU6TQEjzyoLGRJGYv7HGX7TV6M%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z cf-ray 88294e2a6ac937d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	row-multi-column-content.min.css cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832528536/1687914912452/CLEAN-6-1-Child-Netenrich/css/modules/	833 B 1 KB	103ms 77ms	Stylesheet text/css	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832528536/1687914912452/CLEAN-6-1-Child-Netenrich/css/modules/row-multi-column-content.min.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc3eb3b3977d5a539871b653bd3e5d50f6a364a17cc3d5beed43fc5928fe1afb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2069257 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"02af04e886c6e6f3ade3b560da65c941" vary Accept-Encoding access-control-allow-methods GET content-type text/css access-control-allow-origin * x-amz-meta-created-unix-time-millis 1687914913027 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id a0eb04fd-1f35-4a19-b20b-6f19aadffb77 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 155 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id a0eb04fd-1f35-4a19-b20b-6f19aadffb77 last-modified Wed, 28 Jun 2023 01:15:14 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r8CFZlvoLACPg5Thr1Gn%2F8ixB0TaXuL21VgEWZ1aJIzDVfjHBtjr1r9UOejjdMlt5Bw3a4L8vSZLJ1ZgfG%2Bh6tO75SSiwtO2MwDcoI4kW7ZaUnYvmVd2DPo9A6eyeZKmVMg%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-5896745bbb-5tx8p cf-ray 88294e2a6ac637d4-FRA timing-allow-origin cdn2.hubspot.net
GET H2	200	project.css netenrich.com/hs/hsstatic/BlogSocialSharingSupport/static-1.258/bundles/	720 B 911 B	44ms 43ms	Stylesheet text/css	2606:4700::6812:1dd4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/hs/hsstatic/BlogSocialSharingSupport/static-1.258/bundles/project.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:37 GMT strict-transport-security max-age=31536000 via 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 4544890 x-amz-cf-pop FRA56-P2 x-amz-server-side-encryption AES256 x-amz-version-id 8ccI4weZqJTdCHtwNm3UqetXb_uUGb6Y content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Tue, 19 Mar 2024 20:21:22 GMT server cloudflare etag W/"a81c70764750950eb72d4537c41e781f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LqxACUm7PcYLY7ye8iB7Z28W176lTiJcPQ0Xxu%2FVKg6wA6ClVX10uD7oCFLYRFZJegdHUiaHBqbk5qtQxWeq2nzxNX1XffJKDDfV6b0zul8ilW4iWdOGjoywkbhwsq15inKVO32TF4MGI28%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 88294e2a48250414-FRA x-amz-cf-id g7Xq0RBZkXYErLa84Vt7JzfPtPOIstnRQrqC3IhE4nOzaCNhgj_NTA== expires Mon, 12 May 2025 09:15:37 GMT
GET H2	200	comments_listing_asset.css netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/sass/	1 KB 931 B	58ms 57ms	Stylesheet text/css	2606:4700::6812:1dd4 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/sass/comments_listing_asset.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed92c951c39983af4f5fac78a5bab4c390b3faf7c46e2a35256ee38f5443ffa2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 4608238 x-amz-cf-pop FRA60-P6 x-amz-server-side-encryption AES256 x-amz-version-id LQgaE1SSZjkxZtePb5jE9vLc6kDw7LTx content-encoding br x-cache RefreshHit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Fri, 17 Dec 2021 15:26:10 GMT server cloudflare etag W/"6b1d31d121f4c84e5ee3b7d7446495d8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lryLgBsp4bMD3WAkAvbnsEG%2FFfePW3wsgnm8b0WUeYj57nd5Y06%2F6KRmC4p8mSV6IlzMPagsCh%2BbWuWAKax0Sou2RoAL8aWhWwoG0vSnz7E4CZCowFbCnBP9EuitSrQBfKUqY8O%2F05JpLbQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=31536000 cf-ray 88294e2a48270414-FRA x-amz-cf-id Zu3gHbwRo2ZWbQ-lVbPI2yoEVlDCHpKfbUbS8ktmCaWxkXqGguGdgw== expires Mon, 12 May 2025 09:15:38 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	348 KB 107 KB	56ms 29ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-0ZKNG63YVT Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6a0d99bd4300d426f27952dc9468581071a69b5e8fbad74fcd78d41f49ce4e02 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 109660 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 12 May 2024 09:15:38 GMT
GET H2	200	index.umd.js Show response unpkg.com/default-passive-events@2.0.0/dist/ Redirect Chain https://unpkg.com/default-passive-events https://unpkg.com/default-passive-events@2.0.0 https://unpkg.com/default-passive-events@2.0.0/dist/index.umd.js	947 B 743 B	23ms 23ms	Script application/javascript	2606:4700::6811:f6cb CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/default-passive-events@2.0.0/dist/index.umd.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Server 2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 10bcc81da88bb60d7f0b8df32d4bc7953268fb4d44e9a9d8aca98c020c579c10 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding br via 1.1 fly.io cf-cache-status HIT x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload age 3909917 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01HT1GJZTBB6CA1X9M7WGEDSJS-fra server cloudflare etag "3b3-54EGb0sww7FhRg0xHqrYtqdqln4" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 88294e2abeb690d4-FRA Redirect headers date Sun, 12 May 2024 09:15:38 GMT content-encoding br via 1.1 fly.io cf-cache-status HIT fly-request-id 01HSQAJTWDDGJYP5PQF7AVT4P9-fra x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload age 4251758 server cloudflare vary Accept, Accept-Encoding content-type text/plain; charset=utf-8 access-control-allow-origin * location /default-passive-events@2.0.0/dist/index.umd.js cache-control public, max-age=31536000 cf-ray 88294e2a9e9f90d4-FRA
GET H2	200	in.js Show response platform.linkedin.com/	510 KB 160 KB	60ms 9ms	Script text/javascript	2606:2800:233:66b5:799a:7cd3:f74d:7071 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.linkedin.com/in.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CE6) / Resource Hash b880bb2c030040c3a89756b2e899a2e9cda85206cc15d6322728100b285c43e4 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip x-content-type-options nosniff nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-cdn ECST age 1321 x-cdn-client-ip-version IPV6 x-cache HIT x-cdn-proto HTTP2 content-length 163639 x-li-uuid AAYYPeeN3zXP69oNckVAOQ== last-modified Sun, 12 May 2024 08:53:37 GMT server ECAcc (frc/4CE6) x-li-pop prod-lva1-x vary Accept-Encoding report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} content-type text/javascript; charset=UTF-8 x-li-fabric prod-lva1 cache-control public, max-age=3600 x-li-proto http/1.1 accept-ranges bytes expires Sun, 12 May 2024 09:53:37 GMT
GET H3	200	Netenrich-Logo-2%20Colors%20Positive.svg netenrich.com/hubfs/logos/brand-logo/tiny-svg/	2 KB 2 KB	84ms 83ms	Image image/svg+xml	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netenrich.com/hubfs/logos/brand-logo/tiny-svg/Netenrich-Logo-2%20Colors%20Positive.svg Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 482246d76f3af4849f6dc64b57bf5822df1d4ce0920823caa7b45f8a1a48bf99 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy upgrade-insecure-requests content-encoding br x-amz-meta-cache-tag F-107369326595,FD-107369597565,P-128884,FLS-ALL age 235497 x-amz-request-id ZNREYKSQ58VE2YN7 x-amz-server-side-encryption AES256 edge-cache-tag F-107369326595,FD-107369597565,P-128884,FLS-ALL x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 etag W/"113352d465de12725b3a703ec92bb9b5" vary Accept-Encoding access-control-allow-methods GET content-type image/svg+xml access-control-allow-origin * x-amz-meta-created-unix-time-millis 1679414240108 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-robots-tag all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 cb867cfec78eb078033d4ae0c86dfaa0.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-version-id KcUsPChXEFgn1V2GSTOPm.nr_EspTxNy x-amz-cf-pop TLV50-C2 x-hs-alternate-content-type text/plain x-cache Miss from cloudfront cache-tag F-107369326595,FD-107369597565,P-128884,FLS-ALL x-amz-meta-index-tag all x-amz-storage-class INTELLIGENT_TIERING alt-svc h3=":443"; ma=86400 x-amz-id-2 YqXEtYaRCDwCFdebzxsGbHY+laxTxnfMTSqcuxNyLD23gWmN7oeDWy9apXvgJpBGfNbZ4SqcoGM= last-modified Tue, 21 Mar 2023 15:57:21 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5efklzm%2FaYQWiDi5esrfv9WalKwB36wjekaf2PRS1OgGy%2FYGYt8GR%2BHwaoHLnEKOPD1KJrFXC1oMiQ0IGCL39t4w4l20YgczcomO6xSfwMKUVIoR8znZHyZMqPYiFhU%3D"}],"group":"cf-nel","max_age":604800} cf-ray 88294e2b0c599a21-FRA timing-allow-origin d8fk70yj6xfhx.cloudfront.net x-amz-cf-id m4Q2BO1I0_yQzq3Iw231eVAt1SXCJuXwWAc7dp1Efe747RaEOBTGjA==
GET H2	200	embed.js Show response static.hsappstatic.net/content-cwv-embed/static-1.840/	13 KB 6 KB	54ms 22ms	Script application/javascript	2606:4700::6811:ad5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.hsappstatic.net/content-cwv-embed/static-1.840/embed.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:ad5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee5c21fba72db5037f82a272693e5db4bb73ab1059a340dcffc9bee28f670c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT x-amz-version-id e_mEpsTIjne7IZWFj8MkYDmouI7jSgMC via 1.1 a2ce61e5ddc66736c9e2bfb6581fa2da.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop FRA60-P6 age 1087351 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 01 Apr 2024 16:01:41 GMT server cloudflare etag W/"3a4474324e070674ecd017b9d44b9c99" vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HUOrARwxThSNt8X9775yJMBQrVyvxhZpXD0SE2TgWcPxX0uXvyevOTke9LdfHB4MqEzHL7WDYLxd0RBh%2Brc4m3ob4P9b2OlkrSSoIl48yJtBVCGMS9Fu4T9%2FBVUOJ7sB8L8mAJtokZWDJN8dvTXh9it7no%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 88294e2b3ac82bb0-FRA x-amz-cf-id uPbLZkmjrnCQRcy_jlXxA53kIIcKlWFGGfQZ_1GaMR0TsSieN4Mxjg== expires Mon, 12 May 2025 09:15:38 GMT
GET H3	200	clean-theme.min.js Show response cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832529306/1686068712261/CLEAN-6-1-Child-Netenrich/js/	176 KB 52 KB	38ms 37ms	Script application/javascript	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832529306/1686068712261/CLEAN-6-1-Child-Netenrich/js/clean-theme.min.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4adb7831865a2a887ca2cac64fcbb9715c01e7f3bae951cf9f6df7df7e312559 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 1297727 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"cef587f9fcabc87d9ff546c4f933a60c" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-amz-meta-created-unix-time-millis 1686068713362 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 90e6b260-a450-48d9-b280-0dc90fed210e x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 248 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 90e6b260-a450-48d9-b280-0dc90fed210e last-modified Tue, 06 Jun 2023 16:25:14 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e4vMrlKPt9d3exfSTkomYxFGFU0moyiSRBttBX5wig6Mz%2FiNpZSco5bH54QGlAIGrO3HPLydxUvFDIdGc%2BjNI%2Fj6%2Fmxwmu5iYV0YieXOshoHECqToT1BEPMq4Paa3yB6%2Fw0%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-687b456bbc-8hmch cf-ray 88294e2adb3437d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	jquery-modal-min.min.js Show response cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840555887/1687914914047/CLEAN-6-1-Child-Netenrich/js/	5 KB 3 KB	37ms 37ms	Script application/javascript	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840555887/1687914914047/CLEAN-6-1-Child-Netenrich/js/jquery-modal-min.min.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed29c38a135cd8575eaa762bc9eaf674c2a546d06bcddcc98df69fd55d533803 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 274624 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"7cbf02f1a5ef1a644b364f1f41322f51" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-amz-meta-created-unix-time-millis 1687914914293 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id e5f5a71e-ed15-4773-a19c-d90ec83621b0 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 307 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id e5f5a71e-ed15-4773-a19c-d90ec83621b0 last-modified Wed, 28 Jun 2023 01:15:15 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qnGNW9%2F951K5JdPi7n%2FVEuyqIblsXQPQ7gFM4qoi4QYuJqBC6Z0ojZ687TKdvAN9nQlw1U3AbxZyqMRyF%2BBuZnAI%2FKhNpl87GFcJmqSKNDhkG1Lnu7brhKkSMluKljKLPM8%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z cf-ray 88294e2b0b6f37d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	odometer.min.js Show response cdn2.hubspot.net/hub/128884/hub_generated/template_assets/137783202451/1696404218289/CLEAN-6-1-Child-Netenrich/	13 KB 5 KB	39ms 39ms	Script application/javascript	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/137783202451/1696404218289/CLEAN-6-1-Child-Netenrich/odometer.min.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f33415cacac77ad451c90d83eace652f852e29e49908f0cc04d3cec3d0a81fb3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 1320364 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"314591612ec217f7a4c7eb9075d45958" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-amz-meta-created-unix-time-millis 1696404218555 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 016aa04b-4d23-4802-bbea-1e5ec9988068 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 235 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 016aa04b-4d23-4802-bbea-1e5ec9988068 last-modified Wed, 04 Oct 2023 07:23:39 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z2c0loBFz%2B5%2BHjf%2BIxVtAPlgjny5TH2Vsc8up839%2FXpiJfG4W6Jo7oQ0tuhJeEilQmiwJe%2F3DuCzrXFOoiWnClH854vMnkRqQS%2Fs8zgUXbC%2BBBJlx3a7kvKgTQjPHtLta9A%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z cf-ray 88294e2adb3837d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	child.min.js Show response cdn2.hubspot.net/hub/128884/hub_generated/template_assets/90058492740/1699332974728/CLEAN-6-1-Child-Netenrich/	433 B 1 KB	62ms 62ms	Script application/javascript	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/90058492740/1699332974728/CLEAN-6-1-Child-Netenrich/child.min.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d6e34e980fcc571b82024e51757363f2fd830751342f4ad52c9673013be82f44 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2557822 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"fdebdedc959bfa8583e6b3f4b0109826" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-amz-meta-created-unix-time-millis 1699332974861 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 54f6e50f-2c60-43ce-93c5-0da1b44508d7 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 168 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 54f6e50f-2c60-43ce-93c5-0da1b44508d7 last-modified Tue, 07 Nov 2023 04:56:15 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CPZQk8DvGvBxIldHsTj5qbWp7hkq8zxhDAI9hXRpQaj1fY9a4lKBQ5LMpi3fZU4F8QmIthCifNW0AKGQv%2B90mxGB%2Fo3riUx83Mj%2F%2Fo6u3JYHR4KXNDZNT17a18kiGgxxmGs%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6 cf-ray 88294e2b0b6a37d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	mega-menu.min.js Show response cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840853842/1687914910210/CLEAN-6-1-Child-Netenrich/js/	672 B 1 KB	35ms 33ms	Script application/javascript	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840853842/1687914910210/CLEAN-6-1-Child-Netenrich/js/mega-menu.min.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6aa2b4b8e9bffc2525a3df9a517ae89876e34fefde827e5587edd591f16c268 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2558922 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"d936444d4762e1f4b92dc50163090aed" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-amz-meta-created-unix-time-millis 1687914910344 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id b8b92734-092a-4e6f-bf69-9b40a82affc1 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 194 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id b8b92734-092a-4e6f-bf69-9b40a82affc1 last-modified Wed, 28 Jun 2023 01:15:11 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HNFb9CgpoECsy0WgN2zlLs4MS5d3U49BRttnKztYX1LZX6lzWYHDAkh72qwr39sXjK4WYelVCwPxqHLQwbt4eW9iQdwgT9sn%2BoXu8l6s36OrrPKSFXMlMFh6Axj%2FzKwt6QQ%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z cf-ray 88294e2b0b6b37d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	module_109981603486_Global_Footer.min.js Show response cdn2.hubspot.net/hub/128884/hub_generated/module_assets/109981603486/1692179791572/	289 B 1 KB	35ms 33ms	Script application/javascript	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/module_assets/109981603486/1692179791572/module_109981603486_Global_Footer.min.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e0b01bc51c5b7d77b118d1fc2252d792616ec08f8b3acc0574b21c2bfaf4d63 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 1252687 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"9a6abf5bc72ecfd950d6edd226b8b428" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * x-amz-meta-created-unix-time-millis 1692179791572 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-evy-trace-virtual-host all x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 813a02df-5d3b-47b0-a3b8-c1619a61cf4b x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 198 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 813a02df-5d3b-47b0-a3b8-c1619a61cf4b last-modified Wed, 16 Aug 2023 09:56:32 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsaFNIXqomJpb88%2F1kuDghrBNrzMu6PMuCJ59%2FJ%2B6cjC4qQez9Fp9tKS168NE4XhKhBZsouZHddUKnMmmvtlRCHR29bApJ9A5CQRPTV02kNL41hvKSkhsmkVVdYzjGF01bQ%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z cf-ray 88294e2b0b6d37d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	128884.js Show response netenrich.com/hs/scriptloader/	2 KB 2 KB	51ms 51ms	Script application/javascript	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/hs/scriptloader/128884.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b2e51cff13e0d6a285c6f43664b41a97ce24e045f101d6d4a1fef43497347db Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 84 x-evy-trace-route-service-name envoyset-translator cf-polished origSize=1952 x-hubspot-correlation-id 9fd3b533-1e37-4a3b-b5ac-aead91fb6846 content-encoding br x-envoy-upstream-service-time 3 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 9fd3b533-1e37-4a3b-b5ac-aead91fb6846 last-modified Sun, 12 May 2024 09:14:14 GMT cf-bgj minify server cloudflare vary origin, Accept-Encoding access-control-max-age 3600 content-type application/javascript;charset=utf-8 access-control-allow-origin https://netenrich.com x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-qgm8w cache-control public, max-age=90 access-control-allow-credentials true x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JONax4LmWoKrJEA%2FJCsNv0CoPuK9Dn8pUscFLvim5WDSMBxO2IFeXoPAFdLnUDySKKjqrpiC3qCnETC10KRr3aNmb%2FpqrTDYlykeDJIgFhUnnKMhm7t29%2Br6oilL7ss%3D"}],"group":"cf-nel","max_age":604800} cf-ray 88294e2b0c5a9a21-FRA expires Sun, 12 May 2024 09:17:08 GMT
GET H3	200	index.js Show response netenrich.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/	12 KB 5 KB	58ms 57ms	Script application/javascript	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 4554119 x-amz-cf-pop FRA56-P2 x-amz-server-side-encryption AES256 x-amz-version-id 1rlxLpliQ7bEVIEMqiesE48_Sx9RmqkP content-encoding br x-cache Hit from cloudfront x-amz-replication-status COMPLETED alt-svc h3=":443"; ma=86400 last-modified Wed, 20 Mar 2024 15:59:57 GMT server cloudflare etag W/"5885ac5129ee80f8b7e1e228e142587d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y1%2BT1Og%2Bzirv%2FSXY6DEXe6LDzmBDwNnKg6eCMFGGfiD2Xrotzi%2Fd%2F5HZpgdgmSk43KOCnPMyCWTmFgKoPzGXTkudcd1O8b1fnayAcHkKizoHvHppfXoSFaGOHt8eCb4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 88294e2b0c5b9a21-FRA x-amz-cf-id LBGxxkuxmXbhcFaI-NR3fKwzXfE0BgYFZAIA9oCaZx8Z6HSTKhi43g== expires Mon, 12 May 2025 09:15:38 GMT
GET H3	200	main-foot.min.css cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/	113 KB 1 KB	40ms 40ms	Other text/css	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/main-foot.min.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f2b1d32241758db7748beef6f79403c974a780b30aef31fc2c5599bc5c9bae1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2537314 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"10bd1277eb87df74d9c0eeb9d77f204b" vary Accept-Encoding access-control-allow-methods GET x-amz-meta-created-unix-time-millis 1687914925388 access-control-allow-origin * x-evy-trace-virtual-host all content-type text/css cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id a90c332c-66ef-4f58-9425-c8b6bd9af3d7 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 181 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id a90c332c-66ef-4f58-9425-c8b6bd9af3d7 last-modified Wed, 28 Jun 2023 01:15:26 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t2D6mpxLe7Cvz1SMGx6P8TZ3KqN%2FpyxhdCsQioUWYgyPxQTGw7lxFM3SQyrAUdIsMaJBvkgRVzNwRGX3Ad1SeKzayJySXHfsyHd680KOJmZNTnGw4s58UybvzxlYXwSa01I%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6 cf-ray 88294e2b0b7437d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	row-multi-column-content.min.css cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832528536/1687914912452/CLEAN-6-1-Child-Netenrich/css/modules/	833 B 1 KB	38ms 38ms	Other text/css	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832528536/1687914912452/CLEAN-6-1-Child-Netenrich/css/modules/row-multi-column-content.min.css Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc3eb3b3977d5a539871b653bd3e5d50f6a364a17cc3d5beed43fc5928fe1afb Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2069257 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"02af04e886c6e6f3ade3b560da65c941" vary Accept-Encoding access-control-allow-methods GET x-amz-meta-created-unix-time-millis 1687914913027 access-control-allow-origin * x-evy-trace-virtual-host all content-type text/css cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id a0eb04fd-1f35-4a19-b20b-6f19aadffb77 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 155 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id a0eb04fd-1f35-4a19-b20b-6f19aadffb77 last-modified Wed, 28 Jun 2023 01:15:14 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMj4o%2FMKPAWMF4yp06iC2AlVipq3PF1V%2BWUDzOSUhzewuU1kVxsjI%2FZYjoWPHdAtJ9jSL%2BxdqbghWBgKD%2FBzJLiwE7jXYXNS17LAkrmLBavC2PlUt%2FKncIWcrvc6lPaTvXs%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-5896745bbb-5tx8p cf-ray 88294e2b0b7737d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	regular.woff2 netenrich.com/_hcms/googlefonts/Inter/	95 KB 96 KB	93ms 90ms	Font font/woff2	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/_hcms/googlefonts/Inter/regular.woff2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e79ab82e5909071c56baad1b43348ca00a1a53970967f812638c10a449e73bcd Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Sun, 26 May 2024 09:15:38 GMT date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 a49b989a1c88787f19380a9f833baede.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 84 x-amz-cf-pop MXP64-C2 x-amz-server-side-encryption AES256 x-amz-request-id JQ5T9BMA5NRMH351 x-cache RefreshHit from cloudfront x-amz-version-id a6tm8WkyKaxah_2MSeNX09oFCmnJeRFh x-hs-cf-lambda us-east-1.EnforceAclForReads 3 alt-svc h3=":443"; ma=86400 content-length 97324 x-amz-id-2 fm3+eaPAZnQ9g1kqjSRAKi20IVCCwvJQuLH6fvq/T8NhKb/lwlFCZMzZA0M1qIcWy00vakkbPvkjZNaVH7gGljTP5qocAEKiADb/I4AbR54= last-modified Wed, 29 Nov 2023 20:01:28 GMT server cloudflare etag "707b265a9518d559e199cc66c84ae791" vary Accept-Encoding access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3pvOVJ6Omp83uYxkO6ZS61lHzAzRar4iqE9JO1Cr4mhzcaoBVC5R6JxohhZql95aF7lpaQY5fsojch%2F9oDiuoxXiq0peSGadzr%2F24XRAQKQVa9DxTfze7VIOy294Ed4%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=1209600 accept-ranges bytes cf-ray 88294e2b4c909a21-FRA x-amz-cf-id Hdw6RkeWhkULd2VH6mcbIghRxws2miwso6yRojBEVbUoXXsf3E2RsQ== x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3
GET H3	200	regular.woff2 netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/	22 KB 23 KB	170ms 167ms	Font font/woff2	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/regular.woff2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c5e0a37084a3294633982723e79ddd3af0afa27825d7e3e0b28dd7714594d621 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Sun, 26 May 2024 09:15:38 GMT date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 e2dc4178fd5d89ed6c6e3cd0e2e53fa6.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 84 x-amz-cf-pop CDG53-C1 x-amz-server-side-encryption AES256 x-amz-request-id DAE0NFRH60MTZ36A x-cache RefreshHit from cloudfront x-amz-version-id zmEhT7lISB2J7NbQ5ndndy5omdOhMBXL x-hs-cf-lambda us-east-1.EnforceAclForReads 3 alt-svc h3=":443"; ma=86400 content-length 22136 x-amz-id-2 GzMGYpGDl4LLdTajS5bw72Dbbu9zs+1rvdgg7akrvNVW6/6V1uNMbdMdTBGHKnTngPsQYXKSTBP5ZcH1tJvuMfAkHGykCj4G last-modified Tue, 12 Sep 2023 22:25:53 GMT server cloudflare etag "c9486e9610491222e905dcd5bb108d85" vary Accept-Encoding access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RiuO69C1xzk9%2BPotci5qt6PUS8GrXVCgy5unJTX9zpcBLO6guK28xU0MwdoS4%2F9HtTgPp2bZbFyogmn%2BD7gNQNdGEMmZONVK2gPaD5gYgIpxKFhrvcVGhlfB0%2FJ7VEg%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=1209600 accept-ranges bytes cf-ray 88294e2b4c929a21-FRA x-amz-cf-id le6pDN2oOHsaEqYxVptPWbmLpClQvHZ6bY3XebgjJfjNIQCNs8lhcA== x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3
GET H2	200	fa-solid-900.woff2 128884.fs1.hubspotusercontent-na1.net/hubfs/128884/raw_assets/public/@marketplace/Helpful_Hero/CLEAN-6-1-theme/webfonts/	78 KB 79 KB	95ms 62ms	Font application/font-woff2	2606:4700:4400::6812:297c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://128884.fs1.hubspotusercontent-na1.net/hubfs/128884/raw_assets/public/@marketplace/Helpful_Hero/CLEAN-6-1-theme/webfonts/fa-solid-900.woff2 Requested by Host: cdn2.hubspot.net URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/main-foot.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cdn2.hubspot.net/ Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-meta-cache-tag F-89840124208,FD-89830975632,P-128884,FLS-ALL age 2557820 x-amz-request-id 4BC2B1Z3V63T0FPW x-amz-server-side-encryption AES256 edge-cache-tag F-89840124208,FD-89830975632,P-128884,FLS-ALL x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 etag "b15db15f746f29ffa02638cb455b8ec0" vary Accept-Encoding access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * x-amz-meta-created-unix-time-millis 1666982785827 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-robots-tag none x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT via 1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-version-id SdqgGKRhZNWotq8SORxfIo9CiXTmWQMQ x-amz-cf-pop FRA60-P7 x-hs-alternate-content-type text/plain x-cache RefreshHit from cloudfront cache-tag F-89840124208,FD-89830975632,P-128884,FLS-ALL x-amz-meta-index-tag none x-amz-storage-class INTELLIGENT_TIERING content-length 79444 x-amz-id-2 LMwn7RD36RI4+RB/HxZXJ3IBQsy4P0sMtk073GEL6vPsRlr+DRww8Y5xjU043CBg7Rn/WMwWNI4= last-modified Fri, 28 Oct 2022 18:46:26 GMT server cloudflare accept-ranges bytes cf-ray 88294e2b7fe93a76-FRA timing-allow-origin 128884.fs1.hubspotusercontent-na1.net x-amz-cf-id oBNJZ6kIodcIQFXqbtKFnIasN7lk9M55V_vQL-oi4TQfcOprAPkYlw==
GET H3	200	500.woff2 netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/	22 KB 24 KB	86ms 83ms	Font font/woff2	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/500.woff2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bdadbde2f846fcb4aa12c285bbc113f7f1470f0b5d72dd52671cce3e10ef0a2 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Sun, 26 May 2024 09:15:38 GMT date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 9ec406dc5379d974fc3d9f41dd497bf0.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 84 x-amz-cf-pop FRA60-P7 x-amz-server-side-encryption AES256 x-amz-request-id 67EEA54PHXW1EJZ0 x-cache RefreshHit from cloudfront x-amz-version-id WRFtoH0Z888q6PFFiaw4FNCgDVdilrQ6 x-hs-cf-lambda us-east-1.EnforceAclForReads 3 alt-svc h3=":443"; ma=86400 content-length 22988 x-amz-id-2 Nt2dlJnktQ3yu9SubXmSwEXl42zGRSjxAHFsmRKnnG/utMo0DAuCOCgJxlVV1xwtsChr5VwzPjU= last-modified Tue, 12 Sep 2023 22:25:42 GMT server cloudflare etag "a620c77219c25677b07fea63b2cb98a0" vary Accept-Encoding access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vzl4%2FXtG7WsPBqiGqjgu%2FB3p7I9tP6CzJ7Cu8DDa%2BFMo7ObcOslOQVgZR6FnfhuCZGhPRoYtopUFElJ5WFgcLt9rsW2AXMJ5UYMuK1IJx6mJj0c7sV8C8ujWKAOjJlc%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=1209600 accept-ranges bytes cf-ray 88294e2b4c959a21-FRA x-amz-cf-id z22nE5NLj64XGuNDc2sYB_Sx6zK5LD1-DEUqmr_6sg8BvtDYMEr_iQ== x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3
GET H3	200	800.woff2 netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/	22 KB 23 KB	109ms 106ms	Font font/woff2	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/800.woff2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a3a045a55ce5bdb56ea57e37b6e25decab1313db2cc462e9c13c29797f2f2dfd Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Sun, 26 May 2024 09:15:38 GMT date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 6f4aa26c09fb9bb4d152519f44256a4c.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 84 x-amz-cf-pop FRA60-P7 x-amz-server-side-encryption AES256 x-amz-request-id EPMRHH0ZF7RHNWQT x-cache RefreshHit from cloudfront x-amz-version-id ygC5bYh0Clc9I2SLFCOOSHGa7RfxexdQ x-hs-cf-lambda us-east-1.EnforceAclForReads 3 alt-svc h3=":443"; ma=86400 content-length 22348 x-amz-id-2 ccTnwV34LaPvsnLmZv7qQRkNroo9EWzgFLd3V7iELQrM0ATPzzekn/atCXCumGhjgWUWNIZ29FlUTwv9bSeugN1eDPasjj4M2pNeIIi17xU= last-modified Tue, 12 Sep 2023 22:25:43 GMT server cloudflare etag "d01abaaef9aacc1eb8aa64a9af1504ba" vary Accept-Encoding access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j80vk1uWmRwF6Md1doW4Rm2eJ1mXnuyhT2LcE%2FT4%2B1SlNQv0%2F22njVmkkMwqT5JR%2B1KKTQ%2B5yRsYK4cgkFrGw3aWdGbEO0a%2BXGHnhiaPSrtk%2Bu14IGyIVZup5YRA77I%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=1209600 accept-ranges bytes cf-ray 88294e2b4c969a21-FRA x-amz-cf-id oI6PohBaLfkKSKGYJAKvIlIbq05fjj6t2LZ4eXwcub5QXCZV9KXjGA== x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3
GET H3	200	700.woff2 netenrich.com/_hcms/googlefonts/Inter/	104 KB 105 KB	113ms 110ms	Font font/woff2	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/_hcms/googlefonts/Inter/700.woff2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e11c5e343207d11c5d88db4a5e6ed9d1bec922ff9a3b40b8631fdef84b6a969 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Sun, 26 May 2024 09:15:38 GMT date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 98845fbd1cb14abbe9d464a4caf17976.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests age 84 x-amz-cf-pop FRA60-P7 x-amz-server-side-encryption AES256 x-amz-request-id 7DFN589PN24YVKG3 x-cache RefreshHit from cloudfront x-amz-version-id c5yuJTJWIqnopBvZzip_eovp09FlepSs x-hs-cf-lambda us-east-1.EnforceAclForReads 3 alt-svc h3=":443"; ma=86400 content-length 106168 x-amz-id-2 0z4UJIFtTFu3/i/z/i54vJJlOsN8/4niPkebsrSjdUn1SdukiALzfxzgugbrj/jAk47luJey61I= last-modified Wed, 29 Nov 2023 20:01:27 GMT server cloudflare etag "eff90385be9d3cfd841608f3446045a6" vary Accept-Encoding access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSWNcd7ydixVXutIBW%2FBw%2Bb%2F0D50m78YvGvhTKFZNNkeqv9ANJFiPf3mWAHGjK75lYBuxgBC3P%2FnA9WQLAa8LUEQTK%2FUBsGBVr11rpXMD8bctssb26WGNWQ3OSYa%2BLo%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=1209600 accept-ranges bytes cf-ray 88294e2b4c999a21-FRA x-amz-cf-id mTuEcck_VX4rNBdAaT8ESFXKyPyUKLVv37UaV8ZQHaNBqJj_DrLM9Q== x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3
GET H3	200	800.woff2 netenrich.com/_hcms/googlefonts/Inter/	104 KB 105 KB	908ms 906ms	Font font/woff2	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/_hcms/googlefonts/Inter/800.woff2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 151a1622b0d73e0fe3a2f7ccf20f20a4b2b6b5b6878ebec7de8b06b77d89aa12 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Sun, 26 May 2024 09:15:39 GMT date Sun, 12 May 2024 09:15:39 GMT strict-transport-security max-age=31536000 via 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront) cf-cache-status REVALIDATED nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests x-amz-cf-pop FRA60-P7 x-amz-request-id 0DZ8XNV6PW94X6WH x-amz-server-side-encryption AES256 x-amz-version-id d_bMe..cwGROPfrN.aLAu55VlcU12z1P x-cache RefreshHit from cloudfront x-hs-cf-lambda us-east-1.EnforceAclForReads 3 alt-svc h3=":443"; ma=86400 content-length 106212 x-amz-id-2 OuQ0hZqygt617BmzyVEebMqUVp3f72lucMelIavJQ66rmsdZxLP+kQjuX3p75ZJ5ObxQAOz9znY= last-modified Wed, 29 Nov 2023 20:01:35 GMT server cloudflare etag "41de8ba5533482750f81fb5c7e764081" vary Accept-Encoding access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yi%2FshDDMzQ4chO%2BKM64%2BSdyZ5qTJunb%2FctuLaAsX48xJtB1SVtHtjGs4A%2FVkLkc2ouCtJclSv51oJLS2OtJMfDurOoJmed7S%2FzdgblUsx2XMtcjZtmcv1hTH8Uf359Y%3D"}],"group":"cf-nel","max_age":604800} cache-control public, max-age=1209600 accept-ranges bytes cf-ray 88294e2b4c9a9a21-FRA x-amz-cf-id 6O79rIjjjWjYmD2yKTJYJjGNR-r_QJKhkbqZodQonXjw9iJMW6Lfgg== x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3
GET H2	200	fa-brands-400.woff2 128884.fs1.hubspotusercontent-na1.net/hubfs/128884/raw_assets/public/@marketplace/Helpful_Hero/CLEAN-6-1-theme/webfonts/	75 KB 75 KB	105ms 73ms	Font application/font-woff2	2606:4700:4400::6812:297c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://128884.fs1.hubspotusercontent-na1.net/hubfs/128884/raw_assets/public/@marketplace/Helpful_Hero/CLEAN-6-1-theme/webfonts/fa-brands-400.woff2 Requested by Host: cdn2.hubspot.net URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/main-foot.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://cdn2.hubspot.net/ Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-meta-cache-tag F-89840158827,FD-89830975632,P-128884,FLS-ALL age 2558922 x-amz-request-id 4QTA8KEVRGGBCEE8 x-amz-server-side-encryption AES256 edge-cache-tag F-89840158827,FD-89830975632,P-128884,FLS-ALL x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 etag "ed311c7a0ade9a75bb3ebf5a7670f31d" vary Accept-Encoding access-control-allow-methods GET content-type application/font-woff2 access-control-allow-origin * x-amz-meta-created-unix-time-millis 1666982785902 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-robots-tag none x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT via 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-version-id DTfaAEKEuAdI2q_mFWNHJiw_SqcmrK5N x-amz-cf-pop FRA60-P7 x-hs-alternate-content-type text/plain x-cache RefreshHit from cloudfront cache-tag F-89840158827,FD-89830975632,P-128884,FLS-ALL x-amz-meta-index-tag none x-amz-storage-class INTELLIGENT_TIERING content-length 76736 x-amz-id-2 q+2L1IihBzLMBWYwVroIBx2L/NUzyZJBqm1JafkNZ3AlsxbONDrg27zy0I1qPiZDmsHWleI3HV0= last-modified Fri, 28 Oct 2022 18:46:26 GMT server cloudflare accept-ranges bytes cf-ray 88294e2b7fe53a76-FRA timing-allow-origin 128884.fs1.hubspotusercontent-na1.net x-amz-cf-id j3ZZoAcreN1Si6sOVd-LNX9zlaXYZWFYM4UP8XMcMpyCYrxyNBoZ2w==
GET H3	200	featured-video-plarform-nav-dropdown.png netenrich.com/hs-fs/hubfs/images/	4 KB 5 KB	75ms 75ms	Image image/webp	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netenrich.com/hs-fs/hubfs/images/featured-video-plarform-nav-dropdown.png?width=400&height=176&name=featured-video-plarform-nav-dropdown.png Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d0f37c0ed06bdcb1bad0b97f95ec804a1a0d41ec51ff36e887423e953f68e956 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 1903071a927324e2fb28199ee96c4bb2.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests cache-tag F-165504546200,FD-16963137,P-128884,FLS-ALL alt-svc h3=":443"; ma=86400 content-length 3676 cf-resized internal=ok/m q=0 n=800+0 c=4+20 v=2024.4.1 l=3676 last-modified Thu, 25 Apr 2024 12:03:18 GMT cf-bgj imgq:86,h2pri server cloudflare etag "cflrKtOjr0AXpjgz8zR_fNziAwXBlIgwK1PqDV9LSdDQ:bed533fac620fd5a80d982e02ef34ec7" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fJxZ%2Fb3AL3W%2BOWMF54kUW1ADWcrJPcXfjAOxVjaCqbi2h5GC6aQKoNK%2FSjrNAvDaegEr0miax%2FJ6ctxxr58RW00JxnqunzYlPgE7LVRFYiqwIgKJzb%2FAvlAN8aQyfKo%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 accept-ranges bytes cf-ray 88294e2b4c7f9a21-FRA timing-allow-origin d8fk70yj6xfhx.cloudfront.net
GET H3	200	netenrich-gartner-emerging-tech-security-report.webp netenrich.com/hs-fs/hubfs/blog/	7 KB 8 KB	77ms 76ms	Image image/webp	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netenrich.com/hs-fs/hubfs/blog/netenrich-gartner-emerging-tech-security-report.webp?width=300&height=157&name=netenrich-gartner-emerging-tech-security-report.webp Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c71736af0ebc45a33daae647e8b3dd787e2ad795e1387f8aa779ca20790886a Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 3108b3c3c306768051fa0658c0445308.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests cache-tag F-145604126835,FD-79326562910,P-128884,FLS-ALL alt-svc h3=":443"; ma=86400 content-length 7028 cf-resized internal=ok/m q=0 n=784+0 c=0+0 v=2024.4.1 l=7028 last-modified Wed, 15 Nov 2023 11:13:15 GMT cf-bgj imgq:0,h2pri server cloudflare etag "cf9esPQ66hQFz1rk6KSaZkyFgHRmTpwU00oc4mJw8kDQ:c76f994df52b21cf057e733ee0d3135c" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3tc5RCuw0gqXUakHHLDLbJ%2By7%2Br4o0u%2FlcwQd94nf2H%2BbQ7pk3h41P9br6eJYRBCI7HEihDJhew127HQyHOa3jpqmjgmceUsAREt4cwYVL1U9jgzWcbKM7yBkfRCj60%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 accept-ranges bytes cf-ray 88294e2b4c829a21-FRA timing-allow-origin d8fk70yj6xfhx.cloudfront.net
GET H3	200	rakesh-krishnan.png netenrich.com/hs-fs/hubfs/headshots/	504 B 2 KB	61ms 61ms	Image image/webp	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netenrich.com/hs-fs/hubfs/headshots/rakesh-krishnan.png?width=30&name=rakesh-krishnan.png Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 04bcf4dcb045d57f040ae091c4359ad66819cca73b3a6307b0e13ff63f91afd9 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 f14a77f80eb66aa455bd94a07a2a0c64.cloudfront.net (CloudFront) cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests cache-tag F-127039472562,FD-80372026186,P-128884,FLS-ALL alt-svc h3=":443"; ma=86400 content-length 504 cf-resized internal=ok/m q=0 n=812+0 c=4+2 v=2024.4.1 l=504 last-modified Wed, 26 Jul 2023 06:20:10 GMT cf-bgj imgq:86,h2pri server cloudflare etag "cflvDyq06mBrnr_szBG8E_UB6j3cWOidFCnm1bBs3aDQ:ed71f1a50b6fb35a53d9f09a53af278f" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5i3Z4%2FyldL8m9zX9Op120EqOfOQigCLfKTXrC59UndNT5fF4xpis60IUEgzsjkzAMInAKnWTawzmgqdj5LlULQzoCu5MfCh6S5zUOC7fhBAZoznVcRAbR%2BBS541Dsc%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 accept-ranges bytes cf-ray 88294e2b4c839a21-FRA timing-allow-origin d8fk70yj6xfhx.cloudfront.net
GET H3	200	sample-test.png netenrich.com/hs-fs/hubfs/blog/	18 KB 19 KB	1739ms 1739ms	Image image/webp	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netenrich.com/hs-fs/hubfs/blog/sample-test.png?width=650&height=317&name=sample-test.png Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c1098d3995749dbbd3365d366c6feb44792283dd045880804965c4001c29cba Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT strict-transport-security max-age=31536000 via 1.1 444bee00bd8f759506e806be3c13fa6c.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests cache-tag F-131534746427,FD-79326562910,P-128884,FLS-ALL alt-svc h3=":443"; ma=86400 content-length 18846 cf-resized internal=ok/m q=0 n=1631+0 c=3+53 v=2024.4.1 l=18846 last-modified Fri, 25 Aug 2023 09:25:06 GMT cf-bgj imgq:86,h2pri server cloudflare etag "cfNolhEBycwA8T9x_PNAsEC3qcj086g3MbZSZ0DwegDQ:0f63acbec4bb029714ff7302907f8c48" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bGylGJqOaXE6GSeAZpz1vCw%2FxEa0xFWTmyNjRfqidH0ERfOR7lH6rJX1%2F3rekdlcjSFa6l4J7U0QMvvTil0pjrZjBL5M4SlasEI5aPuKTfhgQ4pE7m560IybFLSgAGw%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 accept-ranges bytes cf-ray 88294e2b4c859a21-FRA timing-allow-origin d8fk70yj6xfhx.cloudfront.net
GET H3	200	ransom-note.png netenrich.com/hs-fs/hubfs/blog/	48 KB 49 KB	1037ms 1037ms	Image image/webp	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netenrich.com/hs-fs/hubfs/blog/ransom-note.png?width=500&height=349&name=ransom-note.png Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a60abe460a50d7523471f42c084f8b40c42d03d6042dff6d164430fe2b0cb625 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT strict-transport-security max-age=31536000 via 1.1 d8006f736d3dc32a20a91813f2f50fa2.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests cache-tag F-131496851562,FD-79326562910,P-128884,FLS-ALL alt-svc h3=":443"; ma=86400 content-length 49160 cf-resized internal=ok/m q=0 n=901+0 c=1+76 v=2024.4.1 l=49160 last-modified Thu, 24 Aug 2023 12:50:13 GMT cf-bgj imgq:100,h2pri server cloudflare etag "cfoKOX5XHbXYMV77950gWz8_2BZIVwRjWZLoOB617CDQ:323f552aae1fd5a9534eed8d478db292" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vsl3SGKc2QjDkRYWC71xt%2BZQKWDq17kpmmyS5l868krP%2Fg9RyPqP2kyhsWK1K2DQopC11GYIHwPzD9guh9EDmJxiftsM7oZoFddQtABPTc1i4i2QEjOUjE8XmLpIh6s%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 accept-ranges bytes cf-ray 88294e2b4c869a21-FRA timing-allow-origin d8fk70yj6xfhx.cloudfront.net
GET H3	200	dark-web-panel.png netenrich.com/hs-fs/hubfs/blog/	11 KB 12 KB	869ms 869ms	Image image/webp	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netenrich.com/hs-fs/hubfs/blog/dark-web-panel.png?width=500&height=236&name=dark-web-panel.png Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 26b089bae9a21fc8b11a5e96c9be00be08dbb83b8ee88721845c18f682f9c7d1 Security Headers Name Value Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 via 1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-content-type-options nosniff content-security-policy default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests cache-tag F-131500705184,FD-79326562910,P-128884,FLS-ALL alt-svc h3=":443"; ma=86400 content-length 11106 cf-resized internal=ok/m q=0 n=802+0 c=0+17 v=2024.4.1 l=11106 last-modified Thu, 24 Aug 2023 12:51:37 GMT cf-bgj imgq:100,h2pri server cloudflare etag "cfr9sX9g6m1ZXWeAi9PxIRuJ4phy2_C8uVcFdAn55NDQ:52d2ef5c68d0436592aed8a0a6405353" vary Accept, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xcIpnXSHUFEL3CQkSHC9tOGvk8eYtWoWYTSV%2FSmqBjb3UfVzejhAH2SGHSY7iIX602oU%2BUpt%2Bdct1Ev55l%2B5p%2BZZ9LbeOdKffp2eSp9cnxsBSTBZxH7rKeFlc1Mv%2FWs%3D"}],"group":"cf-nel","max_age":604800} content-type image/webp access-control-allow-origin * cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 accept-ranges bytes cf-ray 88294e2b4c899a21-FRA timing-allow-origin d8fk70yj6xfhx.cloudfront.net
GET H3	200	odometer.min.js cdn2.hubspot.net/hub/128884/hub_generated/template_assets/137783202451/1696404218289/CLEAN-6-1-Child-Netenrich/	13 KB 1 KB	26ms 26ms	Other application/javascript	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/137783202451/1696404218289/CLEAN-6-1-Child-Netenrich/odometer.min.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f33415cacac77ad451c90d83eace652f852e29e49908f0cc04d3cec3d0a81fb3 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 1320364 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"314591612ec217f7a4c7eb9075d45958" vary Accept-Encoding access-control-allow-methods GET x-amz-meta-created-unix-time-millis 1696404218555 access-control-allow-origin * x-evy-trace-virtual-host all content-type application/javascript; charset=utf-8 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 016aa04b-4d23-4802-bbea-1e5ec9988068 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 235 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 016aa04b-4d23-4802-bbea-1e5ec9988068 last-modified Wed, 04 Oct 2023 07:23:39 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKKamQqIDky9u%2B4pXlnRXrEcNhIQyqKlJdakXdAEjk00gWYL1f1yTgjRyZDWag2pclHkN3ELr6HLABYdL1ke%2FxJjFjaKAKrte4Vycv%2Fz6Z8gXMJ%2B38hOeD5eArfkW4B2F2k%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z cf-ray 88294e2b5bcd37d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	mega-menu.min.js cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840853842/1687914910210/CLEAN-6-1-Child-Netenrich/js/	672 B 1 KB	34ms 34ms	Other application/javascript	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840853842/1687914910210/CLEAN-6-1-Child-Netenrich/js/mega-menu.min.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a6aa2b4b8e9bffc2525a3df9a517ae89876e34fefde827e5587edd591f16c268 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 2558922 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"d936444d4762e1f4b92dc50163090aed" vary Accept-Encoding access-control-allow-methods GET x-amz-meta-created-unix-time-millis 1687914910344 access-control-allow-origin * x-evy-trace-virtual-host all content-type application/javascript; charset=utf-8 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id b8b92734-092a-4e6f-bf69-9b40a82affc1 x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 194 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id b8b92734-092a-4e6f-bf69-9b40a82affc1 last-modified Wed, 28 Jun 2023 01:15:11 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xf0kzosjJd0v2%2Fkuknn3zjk1cWDT%2BGLAvd0fknQ9A6I4fvN0RoxpraUOJXdcUUj%2FsOAMSKZmg%2BFtUM9IrwJZzjJ0DPnBoXWAcn7GEkvfzIXVdCPZowdgM4WfEGP00a7Ayuc%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z cf-ray 88294e2b8bfa37d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	module_109981603486_Global_Footer.min.js cdn2.hubspot.net/hub/128884/hub_generated/module_assets/109981603486/1692179791572/	289 B 1 KB	32ms 31ms	Other application/javascript	104.18.89.62 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn2.hubspot.net/hub/128884/hub_generated/module_assets/109981603486/1692179791572/module_109981603486_Global_Footer.min.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.89.62 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e0b01bc51c5b7d77b118d1fc2252d792616ec08f8b3acc0574b21c2bfaf4d63 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 1252687 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-hs-cf-lambda us-east-1.EnforceAclForReads 3 x-evy-trace-listener listener_https etag W/"9a6abf5bc72ecfd950d6edd226b8b428" vary Accept-Encoding access-control-allow-methods GET x-amz-meta-created-unix-time-millis 1692179791572 access-control-allow-origin * x-evy-trace-virtual-host all content-type application/javascript; charset=utf-8 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:38 GMT cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop IAD89-C1 x-hs-alternate-content-type text/plain x-hubspot-correlation-id 813a02df-5d3b-47b0-a3b8-c1619a61cf4b x-amz-storage-class INTELLIGENT_TIERING x-envoy-upstream-service-time 198 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-request-id 813a02df-5d3b-47b0-a3b8-c1619a61cf4b last-modified Wed, 16 Aug 2023 09:56:32 GMT server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BZUg4PIIxwJHGEmFDRN1gv%2B1SnYJ2GbKSKm7PEkIyHJYR%2FH18ewhqolOJszWeOfQ852IdO9PzIgXlNfUr01kvzh0%2FPOp0DXyms4hwZWQ1hib5asJuXvO0nrC7vE6z1b2TjE%3D"}],"group":"cf-nel","max_age":604800} x-evy-trace-served-by-pod iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z cf-ray 88294e2b8bfc37d4-FRA timing-allow-origin cdn2.hubspot.net
GET H3	200	json Show response netenrich.com/_hcms/forms/embed/v3/form/128884/2cdeda77-b5d1-4d8e-9b86-d734e175d511/	29 KB 6 KB	171ms 171ms	XHR application/json	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/_hcms/forms/embed/v3/form/128884/2cdeda77-b5d1-4d8e-9b86-d734e175d511/json?hs_static_app=forms-embed&hs_static_app_version=1.5064&X-HubSpot-Static-App-Info=forms-embed-1.5064 Requested by Host: netenrich.com URL: https://netenrich.com/_hcms/forms/v2.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 300f3c851134a696ebbce1872e37e1eec285901a1632e7d032e2db29f96ee50e Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/json, text/plain, */* Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-origin-hublet na1 date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 5bbabb28-9781-45b5-b084-1a934b992a07 content-encoding br x-envoy-upstream-service-time 26 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 5bbabb28-9781-45b5-b084-1a934b992a07 server cloudflare vary origin, Accept-Encoding access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-max-age 180 x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-7rkbr access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-evy-trace-virtual-host all report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=No7RGo9%2BRhSmK98sJUw%2FJA0e5MK9zYI1yz0Mnc%2FPIl324a5lWpxADPWkDWBlkj6AckgxP4avRUfrwI4GSmiXmbXtjAPRX4ULwM0T%2FEQOuR1T6JwyJy3rYrcnuGPYLIc%3D"}],"group":"cf-nel","max_age":604800} cf-ray 88294e2b9ce89a21-FRA access-control-allow-headers * x-robots-tag none
GET H2	200	sdk.js Show response connect.facebook.net/en_GB/	3 KB 4 KB	24ms 7ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_GB/sdk.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f54b3bd19d9d4af07638310d248717dba4f60d576cda740e2d182429644f8e01 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sun, 12 May 2024 09:15:38 GMT content-md5 7oi74GHz576hyHQ0SwcMPg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1687 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1294, tbw=2781, tp=-1, tpl=-1, uplat=0, ullat=-1 x-fb-debug H0FPwba6TeyCjSd2hxsJdCZXtisTomNGa33iOUu6zfj9VROMgdVMvgM/SyoniK5IOeiTe0rQIwnnf8n8M2BEsA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 e5fc4d099d480a6f03201c364a47d7e8 cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "bf6a27162168d02bbc5484778ec6f4a6" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * expires Sun, 12 May 2024 09:26:23 GMT
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/	91 KB 28 KB	40ms 8ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67D3) / Resource Hash 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 12 May 2024 09:15:38 GMT Content-Encoding gzip Age 67 x-amz-server-side-encryption AES256 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Content-Length 27597 Last-Modified Mon, 11 Dec 2023 17:20:28 GMT Server ECS (frb/67D3) Etag "824beb891744db98ccbd3a456e59e0f7+gzip" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-tw-cdn VZ Cache-Control public, max-age=1800 Vary Accept-Encoding
GET H2	200	banner.js Show response js.hs-banner.com/v2/128884/	77 KB 24 KB	63ms 30ms	Script text/javascript	2606:4700:4400::6812:22e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/128884/banner.js Requested by Host: netenrich.com URL: https://netenrich.com/hs/scriptloader/128884.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0aeeb247febeb965987f63842a293aef96b2402ae3f9e28f92bd832dc3f2178c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT x-amz-version-id Vit8u99W5k6XdeGiUCwxHdudwPZ8vEzm content-encoding br cf-cache-status HIT x-amz-request-id H29WR3QCD509DQ0K x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id cb4b5ae4-1abe-4e41-b433-81af509d7c53 age 84 x-envoy-upstream-service-time 65 x-amz-id-2 h5FNbLOkhVWTr2YgZpAAQc48oKya9HeEQNnqNcygD00u7ycV8u9xNsX78+q9ppCkXYGaEvabOud2WQYKTTUOA60FwAHF0rZ2MJWg557SSOs= x-evy-trace-listener listener_https x-request-id cb4b5ae4-1abe-4e41-b433-81af509d7c53 x-evy-trace-route-configuration listener_https/all last-modified Mon, 22 Apr 2024 08:36:17 GMT server cloudflare etag W/"79acf21afca178c72e1e3b8db99d74c9" access-control-max-age 604800 access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type text/javascript; charset=UTF-8 access-control-allow-origin https://support.netenrich.com x-evy-trace-virtual-host all access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing cache-control max-age=300,public access-control-allow-credentials true x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-6685c9958f-fp48c vary origin, Accept-Encoding timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 88294e2bd941906c-FRA expires Sun, 12 May 2024 09:19:14 GMT
GET H2	200	web-interactives-embed.js Show response js.hubspot.com/	82 KB 25 KB	57ms 38ms	Script application/javascript	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hubspot.com/web-interactives-embed.js Requested by Host: netenrich.com URL: https://netenrich.com/hs/scriptloader/128884.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6401605b61458a8e3ec1caeca43ef4c2360691b990d9c97d2d2275e5e342f4f0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-encoding br age 78 x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1109/bundles/project.js&cfRay=88294c47ca4919ab-FRA x-amz-replication-status COMPLETED x-evy-trace-listener listener_https etag W/"1097a292bb82ee7f7cf71e12b6f74b98" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * x-evy-trace-virtual-host all cache-control max-age=600 x-hs-target-asset web-interactives-embed/static-2.1109/bundles/project.js date Sun, 12 May 2024 09:15:38 GMT x-amz-version-id ys8O.wnO2MWVgfjRSFsYSjW5EKnwSGNI via 1.1 f57a09c5455a80253c61001d750462e6.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload x-amz-cf-pop IAD12-P3 x-hubspot-correlation-id afe64f46-e2da-4499-b894-84a11b45ffd2 x-cache Hit from cloudfront cache-tag staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod x-envoy-upstream-service-time 2 x-evy-trace-route-configuration listener_https/all x-request-id afe64f46-e2da-4499-b894-84a11b45ffd2 last-modified Thu, 09 May 2024 14:04:41 UTC server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXaL4D5Bqk9S8MdouEGKamC6CCZblc4B85PW%2Fugihxw%2ByAxF54wgTUb6NMe4o4kgg3Vn0MvfR0rvg8vc1vAQuJcwzM2rCRiafrjzVYdFJXIhOaACAJHRLMV29sHgJNRbWGLF2kP0Z6O5NhI5"}],"group":"cf-nel","max_age":604800} x-hs-cache-status HIT x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-ncdrp cf-ray 88294e2bbd2d9f35-FRA x-amz-cf-id BFiEz7rZQw3qyUkcLHhT6orCq6V4RmTbTwYGruckmkFQ-MMbOtIXvg==
GET H2	200	128884.js Show response js.hs-analytics.net/analytics/1715505000000/	68 KB 22 KB	57ms 24ms	Script text/javascript	2606:4700::6810:a0a8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-analytics.net/analytics/1715505000000/128884.js Requested by Host: netenrich.com URL: https://netenrich.com/hs/scriptloader/128884.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:a0a8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5a899edabbd8b26319956ed725bc44fd29b4314f82ff7efa31f4d8e80cd5bc8c Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT x-amz-version-id null content-encoding br cf-cache-status HIT x-amz-request-id 26PDHV2BJ5DAFM8R x-evy-trace-route-service-name envoyset-translator x-amz-server-side-encryption AES256 x-hubspot-correlation-id 38ddd8ff-99f0-4a11-974c-8149987549d9 age 84 x-envoy-upstream-service-time 33 x-amz-id-2 6hXMFuSsj9zTIMeox/YeYGpuhNFdp6YjqRcj//ZOapDLRtso6ltAezxI2jYT8SI8C/D2GRLVzCA= x-evy-trace-listener listener_https x-request-id 38ddd8ff-99f0-4a11-974c-8149987549d9 x-evy-trace-route-configuration listener_https/all last-modified Wed, 24 Apr 2024 18:12:23 GMT server cloudflare etag W/"29278405ba2f2f6ad7162ba5913b2988" vary origin, Accept-Encoding content-type text/javascript x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-q4rbs cache-control max-age=300,public access-control-allow-credentials false cf-ray 88294e2bdb8c043a-FRA expires Sun, 12 May 2024 09:19:14 GMT
GET H2	200	conversations-embed.js Show response js.usemessages.com/	85 KB 25 KB	49ms 16ms	Script application/javascript	2606:4700::6810:4f8e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.usemessages.com/conversations-embed.js Requested by Host: netenrich.com URL: https://netenrich.com/hs/scriptloader/128884.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4f8e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7d9a686bb0087bcf8dee308b4d949bb24efe4160b798c32deee763680ec5c31 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT x-amz-version-id l9AE2jsbiUI79jM2Iqb6n6la3yJ_LRhe via 1.1 bcfffcf7e0fc8cd9cfe4125369a9f036.cloudfront.net (CloudFront) x-content-type-options nosniff cf-cache-status HIT x-amz-cf-pop IAD12-P3 age 39 x-amz-server-side-encryption AES256 x-evy-trace-route-service-name envoyset-translator content-security-policy-report-only frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16230/bundles/project.js&cfRay=88294d370a82cb22-FRA x-cache Hit from cloudfront x-hubspot-correlation-id ce47195b-912d-4cb4-a12a-f7c82ef84db9 cache-tag staticjsapp-conversations-embed-web-prod,staticjsapp-prod content-encoding br x-envoy-upstream-service-time 10 x-amz-replication-status COMPLETED x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id ce47195b-912d-4cb4-a12a-f7c82ef84db9 last-modified Tue, 07 May 2024 16:33:15 UTC server cloudflare etag W/"38c0f4e585c7be2cd8f8319984fb416e" vary Accept-Encoding content-type application/javascript; charset=utf-8 x-hs-cache-status EXPIRED x-evy-trace-virtual-host all cache-control max-age=600 x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-vdptk cf-ray 88294e2bdcff1941-FRA x-amz-cf-id tJoTLEioYcyRu2IPezpmCnnML4nQ4Oy8GQNJWTCfJiqbvMOBSi8Twg== x-hs-target-asset conversations-embed/static-1.16230/bundles/project.js
GET H2	204	has-permission-json Show response app.hubspot.com/content-tools-menu/api/v1/tools-menu/	0 1 KB	249ms 218ms	XHR text/plain	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=128884 Requested by Host: netenrich.com URL: https://netenrich.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options no-sniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options no-sniff cf-cache-status DYNAMIC x-hs-worker-debug-mode false x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id c1064158-1d6e-4e93-8af5-a25923843992 x-envoy-upstream-service-time 3 x-evy-trace-route-configuration listener_https/all reporting-endpoints default="https://send.hsbrowserreports.com/csp/reports?cfRay=88294e2bdd531e20&resource=unknown" x-evy-trace-listener listener_https x-request-id c1064158-1d6e-4e93-8af5-a25923843992 server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET report-to {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} access-control-allow-origin https://netenrich.com x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx cache-control max-age=0 access-control-allow-credentials true x-evy-trace-virtual-host all cf-ray 88294e2bdd531e20-FRA
GET H2	200	public Show response api-na1.hubapi.com/comments/v3/comments/thread/	76 B 900 B	160ms 128ms	Script application/javascript	2606:4700::6812:f36c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api-na1.hubapi.com/comments/v3/comments/thread/public?portalId=128884&offset=0&limit=10000&contentId=131497384969&collectionId=333284061&callback=jsonp_1715505338178_40957 Requested by Host: netenrich.com URL: https://netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:f36c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 61f6969e433544499f8be42f0b5278b2444b271511eb5f1d634587efa0aeff4a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id d447bc4c-5eef-433b-b066-201789d0818a content-encoding br x-envoy-upstream-service-time 4 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id d447bc4c-5eef-433b-b066-201789d0818a server cloudflare vary origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4uOr9Vali%2FPOthYEcn%2BFxUByx6UIYn63IqxZuvLckDLiA8FtkXAYWff7cKpwOzX1%2FajHBzGW1pdZHBjyqFUs5zhkIL%2FBRrse2lFRTi%2BSzGS7Xrseh%2FVzY7ww9kXl2%2F13y8PDXR%2BIBbH93pkVZ6XUAw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-k9jtd access-control-allow-credentials false cf-ray 88294e2bdd849a2f-FRA
POST H2	204	collect region1.google-analytics.com/g/	0 252 B	44ms 14ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-0ZKNG63YVT&gtm=45je4580v869853017za200&_p=1715505338070&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dZTQ1Zm&cid=400265052.1715505338&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_s=1&sid=1715505338&sct=1&seg=0&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&dt=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=447 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-0ZKNG63YVT Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 09:15:38 GMT server Golfe2 content-type text/plain access-control-allow-origin https://netenrich.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sdk.js Show response connect.facebook.net/en_GB/	299 KB 86 KB	18ms 8ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_GB/sdk.js?hash=ca63dbde99335326d46b63565efe3e7f Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_GB/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash c00683dfb51fc87cadc5c86b7094730c5d3617ab9cb0e696452d5deb992c082e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sun, 12 May 2024 09:15:38 GMT content-md5 abhIHRsb8hKeFSh4IEgJAg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 87597 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4298, tp=9, tpl=0, uplat=0, ullat=-1 x-fb-debug smPZ3Gc9Bj5qGwI2MtmhFJHY04oSxDxSYrKHOe5vSj8GHFBXTO1M/UxfzZnTas8CwSPFohkRumNs/VlG4/6W1g== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 d896290e17feace33674a7455aeca82b cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" etag "fa11dcd1a88c6fda108d12f6de497787" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" x-frame-options DENY timing-allow-origin * priority u=3,i expires Mon, 12 May 2025 07:08:14 GMT
GET H/1.1	200 OK	widget_iframe.2f70fb173b9000da126c79afe2098f02.html platform.twitter.com/widgets/ Frame F763	0 0	29ms 10ms	Document text/html	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fnetenrich.com Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67C0) / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 4166096 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 105429 Content-Type text/html; charset=utf-8 Date Sun, 12 May 2024 09:15:38 GMT Etag "81267302efdfb3e4524a22631a8fc99e+gzip" Last-Modified Mon, 11 Dec 2023 17:19:49 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (frb/67C0) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Vary Accept-Encoding X-Cache HIT x-amz-server-side-encryption AES256 x-tw-cdn VZ
GET H3	200	widget Show response netenrich.com/_hcms/livechat/	3 KB 4 KB	261ms 260ms	XHR application/json	104.18.29.212 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netenrich.com/_hcms/livechat/widget?portalId=128884&conversations-embed=static-1.16230&mobile=false&messagesUtk=625e2453c0a04fc3a6b1b43dcdfc4314&traceId=625e2453c0a04fc3a6b1b43dcdfc4314 Requested by Host: js.usemessages.com URL: https://js.usemessages.com/conversations-embed.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 32f6d809ee4fdd6123b1d95729775e54d0f50640cc10692eac41e01afce9e417 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 X-HubSpot-Messages-Uri https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} content-security-policy upgrade-insecure-requests x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 57fa6d00-6f50-41ef-b106-44773e9bfd77 x-envoy-upstream-service-time 78 alt-svc h3=":443"; ma=86400 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 57fa6d00-6f50-41ef-b106-44773e9bfd77 server cloudflare vary origin, Accept-Encoding access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD content-type application/json;charset=utf-8 x-evy-trace-served-by-pod iad02/hubapi-td/envoy-proxy-5d47c8d44f-qgm8w x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform, must-revalidate, max-age=0 access-control-allow-credentials false report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ooI6cAl%2FYjbPIXAlcBwHhk2b3Y7kg7N5xARf8NqLWZSQEWa4lNcwqlwKNRlpJe3%2FngD%2BExD7qQfkmVUI83oVDs23snPomyi4%2FRu5pQZSIkbxGYkXzliqTcidyBq5%2BR4%3D"}],"group":"cf-nel","max_age":604800} cf-ray 88294e2c5d8a9a21-FRA access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
GET H2	200	combinedConfigs Show response cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/	3 KB 2 KB	155ms 149ms	Fetch application/json	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?contentIds=166301402018&contentIds=166299908487&portalId=128884&currentUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&contentId=131497384969 Requested by Host: js.hubspot.com URL: https://js.hubspot.com/web-interactives-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 40719918c7ee8fb08fd87ebf0caa0558dede52ed5eaf041efc3a037a5554ee6f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id fa6827a1-08b6-4090-8017-eaedc57a06a8 content-encoding br x-envoy-upstream-service-time 32 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id fa6827a1-08b6-4090-8017-eaedc57a06a8 server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://netenrich.com x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials true cache-control max-age=0, no-cache, no-store report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bO0lST4qLYkFCBHsyzZMdQXboIurzhzYH9vNW5F5jBnnsZdcZ%2FsbE1wlS1XzT6gK%2FM8HXzhMRWr%2B8WrDQgwA4KklfX63RbZSGuUA1dRSZIbEi5tye2S2%2FhxH0zMSQqP8xf8wNs%2Fg1exoum3pKCwjl0qYHTnuzON8wMs%3D"}],"group":"cf-nel","max_age":604800} x-robots-tag noindex, follow access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 88294e2c7e049f35-FRA x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-7rkbr
GET H2	200	html Show response cta-service-cms2.hubspot.com/web-interactives/public/v1/render/	2 KB 1 KB	180ms 175ms	Fetch application/json	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cta-service-cms2.hubspot.com/web-interactives/public/v1/render/html?contentIds=166301402018&contentIds=166299908487&portalId=128884&currentUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&contentId=131497384969&isHubspotPage=true Requested by Host: js.hubspot.com URL: https://js.hubspot.com/web-interactives-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f37d5506c6c2968793dd994c1891e47d67f5b77067186847563b5a5923de783f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id e7e5a665-d742-47a9-ae35-1c1e87ebc95a content-encoding br x-envoy-upstream-service-time 52 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id e7e5a665-d742-47a9-ae35-1c1e87ebc95a server cloudflare vary origin access-control-allow-methods OPTIONS, GET content-type application/json;charset=utf-8 access-control-allow-origin https://netenrich.com x-evy-trace-virtual-host all access-control-max-age 180 access-control-allow-credentials true cache-control max-age=0, no-cache, no-store report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GuMtKoXtrFPQ8KgwIv3q88sC1bXgTB%2FC%2BUtxnLe7X5OTeg337BTqZN%2Bn3qLOSmCLsqA6Mq6SnuS1N7e96Su386GAOrTuqFESZUSrNezh4GSUnXF66Yp5ZoPXba1jrzADfICedj%2Bij6yH5HKcoTQwVcydtRbQqUlAF%2BY%3D"}],"group":"cf-nel","max_age":604800} x-robots-tag noindex, follow access-control-allow-headers Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent cf-ray 88294e2c7e039f35-FRA x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-md7fl
GET H2	200	cf-location Show response js.hs-banner.com/v2/	5 B 148 B	41ms 21ms	Fetch text/plain	2606:4700:4400::6812:22e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/cf-location Requested by Host: js.hs-banner.com URL: https://js.hs-banner.com/v2/128884/banner.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d2714df7747a8114a96372d68a1246208e3049e2f3805121e404f04ab943c508 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT server cloudflare vary Accept-Encoding content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control private, max-age=1500 cf-ray 88294e2c9f9d5d5d-FRA content-length 5
GET H3	200	counters.gif forms.hsforms.com/embed/v3/	35 B 881 B	440ms 121ms	Image image/gif	104.18.80.204 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 29bac6fc-75c4-4c3e-ac7e-025209d3e412 x-envoy-upstream-service-time 2 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 29bac6fc-75c4-4c3e-ac7e-025209d3e412 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-6c4ls access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 88294e2ecf88a037-FRA
GET H3	200	counters.gif forms-na1.hsforms.com/embed/v3/	35 B 848 B	421ms 121ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 5a50ccdd-da42-455b-b0ee-1edce127b8c6 x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 5a50ccdd-da42-455b-b0ee-1edce127b8c6 server cloudflare vary origin content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-kkb7j access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false x-robots-tag none cf-ray 88294e2ecfa8373e-FRA
GET H3	200	counters.gif perf-na1.hsforms.com/embed/v3/	35 B 925 B	336ms 119ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 24d87da1-2570-4597-8ab0-d2109c0708d0 x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 24d87da1-2570-4597-8ab0-d2109c0708d0 last-modified Sun, 12 May 2024 09:15:38 GMT server cloudflare vary origin, Accept-Encoding content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fl6gb access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false accept-ranges bytes x-robots-tag none cf-ray 88294e2ecfac373e-FRA
GET H2	200	blank001.gif static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/ Redirect Chain https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=326434714387&containerType=EMBEDDED&portalId=128884&audienceId=null&pageUrl=https%3A%2F%2Fnetenrich.com%2... https://static.hubspot.com/img/trackers/blank001.gif https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif	43 B 600 B	20ms 20ms	Image image/gif	2606:4700::6811:ad5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Server 2606:4700::6811:ad5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Sun, 12 May 2024 09:15:38 GMT via 1.1 3345a8f17bb96a1199a195b00a8d2c0e.cloudfront.net (CloudFront) x-amz-version-id MFfZlkR4U8_6aknbgflTSIqo4fNbniK3 cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=31536000; includeSubDomains; preload age 303340 x-amz-cf-pop CDG52-P2 cf-polished origSize=49, status=webp_bigger x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 cf-bgj imgq:85,h2pri last-modified Thu, 15 Apr 2021 16:47:19 GMT server cloudflare etag "51416c7ff0b9d7efc8c9b16d84052fab" vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol9NTldeIxid8vrjurAEtUmghxFJ6CQEkWiCBK80cI7dAoMeBvHrQ%2Fn5A7RendbsudSKWRLRzJh6cymSqRIbT%2BmpVqYKSGypHuESEJsl3hGdVunEgmfr73Q%2FFM3QfMlxnZtiJ5Asis6p%2BHFeFDi28%2F%2BgmAk%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88294e2e6e352bb0-FRA x-amz-cf-id E9G1DroEnRDN8l7Ya_K1Kxq1EqqVI2zdYLrYNPOQ7-taIkJWueVmog== expires Mon, 12 May 2025 09:15:38 GMT Redirect headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NHGE4TvBXzu%2Byt4rwTyZm6WA5XLHvNs%2FY8PmOl0tk1WbTnsLdMytkFE5PJ4dnXmXVxRA5iICXkaoy6lVyF9NnUtTauxDFvZNnB5LmFejaGMy8gMiRoAJAV1ZfZp%2BoX80snqC6PmaB2EgVlfM74GoAQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html location https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif cache-control max-age=3600 cf-ray 88294e2e487d1e20-FRA content-length 167 expires Sun, 12 May 2024 10:15:38 GMT
GET H2	200	blank001.gif static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/ Redirect Chain https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=326434647444&containerType=EMBEDDED&portalId=128884&audienceId=null&campaignId=26dca121-75bf-48e4-8158-79... https://static.hubspot.com/img/trackers/blank001.gif https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif	43 B 0	21ms 21ms	Image image/gif	2606:4700::6811:ad5b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Server 2606:4700::6811:ad5b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Sun, 12 May 2024 09:15:38 GMT via 1.1 3345a8f17bb96a1199a195b00a8d2c0e.cloudfront.net (CloudFront) x-amz-version-id MFfZlkR4U8_6aknbgflTSIqo4fNbniK3 cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 303340 x-amz-cf-pop CDG52-P2 cf-polished origSize=49, status=webp_bigger x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 43 cf-bgj imgq:85,h2pri last-modified Thu, 15 Apr 2021 16:47:19 GMT server cloudflare etag "51416c7ff0b9d7efc8c9b16d84052fab" vary Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ol9NTldeIxid8vrjurAEtUmghxFJ6CQEkWiCBK80cI7dAoMeBvHrQ%2Fn5A7RendbsudSKWRLRzJh6cymSqRIbT%2BmpVqYKSGypHuESEJsl3hGdVunEgmfr73Q%2FFM3QfMlxnZtiJ5Asis6p%2BHFeFDi28%2F%2BgmAk%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=31536000 accept-ranges bytes cf-ray 88294e2e6e352bb0-FRA x-amz-cf-id E9G1DroEnRDN8l7Ya_K1Kxq1EqqVI2zdYLrYNPOQ7-taIkJWueVmog== expires Mon, 12 May 2025 09:15:38 GMT Redirect headers date Sun, 12 May 2024 09:15:38 GMT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NHGE4TvBXzu%2Byt4rwTyZm6WA5XLHvNs%2FY8PmOl0tk1WbTnsLdMytkFE5PJ4dnXmXVxRA5iICXkaoy6lVyF9NnUtTauxDFvZNnB5LmFejaGMy8gMiRoAJAV1ZfZp%2BoX80snqC6PmaB2EgVlfM74GoAQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html location https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif cache-control max-age=3600 cf-ray 88294e2e487d1e20-FRA content-length 167 expires Sun, 12 May 2024 10:15:38 GMT
GET H3	200	hs-web-interactive-128884-124147055201 128884.hs-sites.com/ Frame 56DC	0 0	366ms 339ms	Document text/html	104.16.192.117 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://128884.hs-sites.com/hs-web-interactive-128884-124147055201 Requested by Host: js.hubspot.com URL: https://js.hubspot.com/web-interactives-embed.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.192.117 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Content-Security-Policy upgrade-insecure-requests X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials false alt-svc h3=":443"; ma=86400 cache-control s-maxage=10,max-age=5 cache-tag CT-124147055201,P-128884,PGS-ALL,SW-3 cf-cache-status EXPIRED cf-ray 88294e2eddec927f-FRA content-encoding br content-security-policy upgrade-insecure-requests content-type text/html;charset=utf-8 date Sun, 12 May 2024 09:15:39 GMT edge-cache-tag CT-124147055201,P-128884,PGS-ALL,SW-3 last-modified Sun, 12 May 2024 09:15:21 GMT server cloudflare vary origin, Accept-Encoding x-content-type-options nosniff x-envoy-upstream-service-time 86 x-evy-trace-listener listener_https x-evy-trace-route-configuration listener_https/all x-evy-trace-route-service-name envoyset-translator x-evy-trace-served-by-pod iad02/cms-hs-sites-td/envoy-proxy-7d555df78d-jlwsf x-evy-trace-virtual-host all x-hs-cache-config BrowserCache-5s-EdgeCache-10s x-hs-content-campaign-id 5d480177-7b41-4a2a-8f9d-4a6232c8eb96 x-hs-content-id 124147055201 x-hs-hub-id 128884 x-hubspot-correlation-id 240d96c1-8fa5-4746-911b-0d894ef4ee81 x-request-id 240d96c1-8fa5-4746-911b-0d894ef4ee81 x-robots-tag none
GET H2	200	625e2453c0a04fc3a6b1b43dcdfc4314 app.hubspot.com/conversations-visitor/128884/threads/utk/ Frame 07E6	0 0	965ms 698ms	Document text/html	2606:4700::6810:7674 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.hubspot.com/conversations-visitor/128884/threads/utk/625e2453c0a04fc3a6b1b43dcdfc4314?uuid=e9d64e6c9dbb4413b291c9656a70c65b&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=netenrich.com&inApp53=false&messagesUtk=625e2453c0a04fc3a6b1b43dcdfc4314&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=true Requested by Host: js.usemessages.com URL: https://js.usemessages.com/conversations-embed.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options no-sniff Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-credentials false age 3350 cache-control max-age=600 cache-tag staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod cf-cache-status DYNAMIC cf-ray 88294e305a1e1945-FRA content-encoding br content-security-policy-report-only script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.18682/html/index.html&cfRay=88294e305a1e1945&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F128884%2Fthreads%2Futk%2F625e2453c0a04fc3a6b1b43dcdfc4314%3Fuuid%3De9d64e6c9dbb4413b291c9656a70c65b%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dnetenrich.com%26inApp53%3Dfalse%26messagesUtk%3D625e2453c0a04fc3a6b1b43dcdfc4314%26url%3Dhttps%253A%252F%252Fnetenrich.com%252Fblog%252Fdiscovering-the-adhubllka-ransomware-family%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dtrue&referrer=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cfenv=prod&pdt=2024-05-12&csp=ro content-type text/html; charset=utf-8 date Sun, 12 May 2024 09:15:39 GMT etag W/"327d2ca13e405df4796405743b38b4c0" last-modified Tue, 07 May 2024 16:33:15 UTC origin-trial Aqk2Dm2ZNOeMxifFm26pJzN4DTOHc1z7UYEx7QaWtHTVqsFhooI36f0r5tbw602aKbEI4WJ0fgx7+KHwlyi4HwwAAABceyJvcmlnaW4iOiJodHRwczovL2h1YnNwb3QuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0= report-to {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]} reporting-endpoints default="https://send.hsbrowserreports.com/csp/reports?cfRay=88294e305a1e1945&resource=conversations-visitor-ui/static-1.18682/html/index.html" server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload vary origin, Accept-Encoding via 1.1 3d4bfc42e9575ee1f9559241c9e3f464.cloudfront.net (CloudFront) x-amz-cf-id eFxeLeQBs-kku4iTKykv9DbI_kXgwhiYJUByjA8LraT3tUUzvpx5nQ== x-amz-cf-pop IAD12-P3 x-amz-replication-status COMPLETED x-amz-server-side-encryption AES256 x-amz-version-id C1C1wnctiLIX_f8uHX960ZJ_YmRiaIr9 x-cache Hit from cloudfront x-content-type-options no-sniff x-envoy-upstream-service-time 6 x-evy-trace-listener listener_https x-evy-trace-route-configuration listener_https/all x-evy-trace-route-service-name envoyset-translator x-evy-trace-served-by-pod iad02/app-td/envoy-proxy-68b7f7fbff-ncdrp x-evy-trace-virtual-host all x-hs-cache-status MISS x-hs-target-asset conversations-visitor-ui/static-1.18682/html/index.html x-hs-worker-debug-mode false x-hubspot-correlation-id 77d399fc-356f-4346-9494-7c25d8f3a0d7 x-request-id 77d399fc-356f-4346-9494-7c25d8f3a0d7
GET H3	200	counters.gif perf-na1.hsforms.com/embed/v3/	35 B 890 B	145ms 132ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://perf-na1.hsforms.com/embed/v3/counters.gif?key=inline-interactive-render-success&value=1 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id e10e5e22-85c8-4666-ba5f-93277f2154fb x-envoy-upstream-service-time 2 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id e10e5e22-85c8-4666-ba5f-93277f2154fb last-modified Sun, 12 May 2024 09:15:38 GMT server cloudflare vary origin, Accept-Encoding content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rcnzv access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false accept-ranges bytes x-robots-tag none cf-ray 88294e2ecfae373e-FRA
OPTIONS H2	200	view js.hs-banner.com/v2/activity/ Frame	0 0	148ms 147ms	Preflight application/octet-stream	2606:4700:4400::6812:22e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/activity/view Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://netenrich.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD access-control-allow-origin https://netenrich.com access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing access-control-max-age 604800 cf-cache-status DYNAMIC cf-ray 88294e2ec9d25d5d-FRA content-length 0 content-type application/octet-stream date Sun, 12 May 2024 09:15:38 GMT server cloudflare timing-allow-origin * vary origin x-envoy-upstream-service-time 0 x-evy-trace-listener listener_https x-evy-trace-route-configuration listener_https/all x-evy-trace-route-service-name envoyset-translator x-evy-trace-served-by-pod iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh x-evy-trace-virtual-host all x-hubspot-correlation-id cdd7610d-7d39-400c-ab2f-a1dbbefc3dc7 x-request-id cdd7610d-7d39-400c-ab2f-a1dbbefc3dc7
GET H2	200	gtm.js Show response www.googletagmanager.com/	319 KB 107 KB	44ms 43ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5a1af4851feab16fac622a6d1cf3f0e2eccf5a152a2899d8243f3a82661032d1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 109030 x-xss-protection 0 last-modified Sun, 12 May 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 May 2024 09:15:38 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 866 B	55ms 20ms	Stylesheet text/css	2a00:1450:4001:81c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap Requested by Host: js.hs-banner.com URL: https://js.hs-banner.com/v2/128884/banner.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 12 May 2024 07:33:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 12 May 2024 09:15:38 GMT
POST H2	204	view js.hs-banner.com/v2/activity/	0 0	145ms 145ms	Fetch	2606:4700:4400::6812:22e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.hs-banner.com/v2/activity/view Requested by Host: js.hs-banner.com URL: https://js.hs-banner.com/v2/128884/banner.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type application/json Response headers date Sun, 12 May 2024 09:15:38 GMT x-content-type-options nosniff cf-cache-status DYNAMIC x-evy-trace-route-service-name envoyset-translator, envoyset-translator x-hubspot-correlation-id ce73fd6f-ad05-44db-a67a-4e1e606765ad x-envoy-upstream-service-time 26 x-evy-trace-route-configuration listener_http/all, listener_https/all x-evy-trace-listener listener_http, listener_https x-request-id ce73fd6f-ad05-44db-a67a-4e1e606765ad server cloudflare vary origin access-control-allow-methods GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD x-evy-trace-virtual-host all, all x-evy-trace-served-by-pod iad02/private-hubapi-td/envoy-proxy-5f998ff6dc-cjbdp, iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-qr8zh access-control-expose-headers x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing access-control-allow-origin https://netenrich.com access-control-allow-credentials true access-control-max-age 604800 timing-allow-origin * access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id cf-ray 88294e2fbaad5d5d-FRA
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v24/	23 KB 24 KB	34ms 9ms	Font font/woff2	2a00:1450:4001:800::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://fonts.googleapis.com/ Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Tue, 07 May 2024 08:02:21 GMT x-content-type-options nosniff age 436397 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23580 x-xss-protection 0 last-modified Tue, 02 May 2023 15:17:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 May 2025 08:02:21 GMT
POST H3	200	landing pagead2.googlesyndication.com/pagead/	42 B 64 B	61ms 42ms	Ping image/gif	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=2002761369.1715505339&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&dma_cps=-&dma=1&npa=1&gtm=45He4580n81MKFBWW5v830664036za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 09:15:38 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	32ms 8ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 12 May 2024 08:07:49 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 4069 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 12 May 2024 10:07:49 GMT
GET H2	200	8170.js Show response script.crazyegg.com/pages/scripts/0099/	6 KB 2 KB	77ms 32ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/scripts/0099/8170.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f760cb1f36aac74cfa6b4b8cc6eafa53d34d076d8c33732215b160a77843d329 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip cf-cache-status HIT age 93600 cf-polished origSize=6229 ce-version 11.5.210 cf-bgj minify last-modified Sat, 11 May 2024 07:15:38 GMT server cloudflare vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 timing-allow-origin * cf-ray 88294e2f9f329be0-FRA
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	47 KB 17 KB	53ms 9ms	Script application/javascript	2a02:26f0:3500:16::215:1496 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1496 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 06 May 2024 17:20:18 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=63785 accept-ranges bytes content-length 16683
GET H2	200	app.js Show response scatec.io/t/	34 KB 10 KB	51ms 17ms	Script application/javascript	34.120.116.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://scatec.io/t/app.js?id=e7e2c29a-fb48-47e3-97d3-fe4bdab50350&mode=gtm-template Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.116.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.116.120.34.bc.googleusercontent.com Software / Resource Hash ed1466b5922a88a97d4192470e36b2c6fcf1cf94e23e3754d44a71877be2f8ae Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains content-encoding br via 1.1 google date Sun, 12 May 2024 07:49:32 GMT last-modified Mon, 06 May 2024 10:58:47 GMT age 5166 etag W/"6638b7e7-89bc" vary Accept-Encoding content-type application/javascript cache-control public,max-age=3600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10173
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	218 KB 57 KB	10ms 9ms	Script application/x-javascript	2a03:2880:f084:d:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 12 May 2024 09:15:38 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 57845 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=5, rtx=0, c=20, mss=1294, tbw=6570, tp=-1, tpl=-1, uplat=1, ullat=-1 pragma public x-fb-debug LoMC2gtCzcE4Vg6QJ3f6ylHK1XuPocyRFalemNYe0skV4Q/U+YUG1VcOwqn+F6k3Q5Bd35eD+W7UrhF8Mobgwg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	61dd90b099faa8001c628fb2 Show response ws.zoominfo.com/pixel/	3 KB 2 KB	254ms 228ms	Script text/javascript	104.16.117.43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ws.zoominfo.com/pixel/61dd90b099faa8001c628fb2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.16.117.43 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 8aa4f0902a99dd8a09dfa117c37ec598651fd62f0cfed9f5791dadd5fcd5cd46 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status DYNAMIC via 1.1 google server cloudflare x-powered-by Express vary Accept-Encoding content-type text/javascript access-control-allow-origin * access-control-allow-credentials true x-robots-tag noindex, nofollow access-control-allow-headers Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url alt-svc h3=":443"; ma=86400 cf-ray 88294e2f7e169153-FRA
GET H2	200	tags.js Show response tag.clearbitscripts.com/v1/pk_b1a4bd8b467a95966f5c0565871ccd15/	16 KB 5 KB	236ms 196ms	Script application/javascript	2600:9000:20ae:ec00:7:d7d6:3c40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tag.clearbitscripts.com/v1/pk_b1a4bd8b467a95966f5c0565871ccd15/tags.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20ae:ec00:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Clearbit / Resource Hash ec27aafeef48bbed9741946792bdea6ddf5d9f1cbc377fbe1cab6b573adfdf40 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - via 1.1 e876a7ec501bf47e275a943cac96c3fe.cloudfront.net (CloudFront) server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload x-amz-cf-pop MUC50-P5 etag W/"4a3f4649c7f6d2962fa14e8b237e453d" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript;charset=utf-8 cache-control private, max-age=600 x-amz-cf-id Yln4ulhot-xUQPQcUW_Jng6rTWRwCqVlnmCf76sQIVkxAYBen1wuvw==
GET H2	200	lftracker_v1_lYNOR8xpgOq8WQJZ.js Show response sc.lfeeder.com/	31 KB 11 KB	66ms 8ms	Script application/javascript	2600:9000:225b:8c00:4:d7e1:700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://sc.lfeeder.com/lftracker_v1_lYNOR8xpgOq8WQJZ.js Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225b:8c00:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 76320e9ae821b0af50f456ed4cfa5ba0ce6b05c4eb68bccda3ef8d20f876f401 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id Ie.8yDYsbhbnGee7QMGA4.8Cnq9gD.0C content-encoding br via 1.1 c3f546c2f6132a41e608317139aa8faa.cloudfront.net (CloudFront) date Sun, 12 May 2024 09:14:15 GMT last-modified Thu, 07 Mar 2024 13:07:54 GMT server AmazonS3 x-amz-cf-pop MUC50-P1 age 83 x-amz-server-side-encryption AES256 etag W/"abfc6069c131fd078e9ba86349186f3c" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=3600 x-amz-cf-id We8AFJR0E_FR_aZSQi-K2lvmx4a1ZICNg2KIa4l-PZcKdJ-McQxG6A==
GET H2	200	42oln8temh Show response www.clarity.ms/tag/	667 B 1 KB	191ms 124ms	Script application/x-javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/tag/42oln8temh?ref=gtm2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash c4d9591376bfff0ea4be200bd91918adcffb2b2d6cb860cd24a4307af920f983 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires -1 date Sun, 12 May 2024 09:15:38 GMT x-azure-ref 20240512T091538Z-1675f555588fd2w4rqst5bczhw0000000ct000000001081p x-cache CONFIG_NOCACHE content-type application/x-javascript cache-control no-cache, no-store accept-ranges bytes content-length 667 request-context appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608
GET H3	200	222020709404491 Show response connect.facebook.net/signals/config/	56 KB 12 KB	10ms 10ms	Script application/x-javascript	157.240.252.13 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/222020709404491?v=2.9.156&r=stable&domain=netenrich.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-fra3.fbcdn.net Software / Resource Hash 6e4bcfaf738c9349b9d3f54c04a58671be522a72de8bdee8e33d5735078e8640 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sun, 12 May 2024 09:15:38 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 11782 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=7, rtx=0, c=23, mss=1232, tbw=4329, tp=9, tpl=0, uplat=0, ullat=-1 pragma public x-fb-debug yW7iKyQCgcELUpYBquLqrHMvuwR/lujlO8ww6vx3DMQHKyLHuqMocAuE2mq/y0ZhRl7teT6Fxxu9MDhWpaERrA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	10ms 9ms	Image image/gif	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=732247585&t=pageview&_s=1&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&ul=de-de&de=UTF-8&dt=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAgAAAABAAAAAAAAIk~&cid=400265052.1715505338&tid=UA-169611029-1&_gid=138211399.1715505339&gtm=45He4580n81MKFBWW5v830664036za200&gcs=G100&gcd=13p3p3p2p5&dma_cps=-&dma=1&npa=1&z=1382630610 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sun, 12 May 2024 03:08:09 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 22049 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 274 B	34ms 8ms	Image text/plain	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=222020709404491&ev=PageView&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&rl=&if=false&ts=1715505338821&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715505338820.1280612802&ler=empty&cdl=API_unavailable&it=1715505338803&coo=false&rqm=GET Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=11, rtx=0, c=10, mss=1294, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Sun, 12 May 2024 09:15:38 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	402	collect scatec.io/	21 B 21 B	109ms 109ms	Image text/plain	34.120.116.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://scatec.io/collect?event=pageview&timestamp=1715505338831&campaignId=e7e2c29a-fb48-47e3-97d3-fe4bdab50350&clientId=CAT1.2.456124922.1715505338829&title=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&location=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&sessionId=76dbd16d-6591-4121-b74e-5bf9e512e9b2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.116.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.116.120.34.bc.googleusercontent.com Software / Resource Hash a137aa6f1c4d93d3b102967fec9732f985f310cbceefc12d4f4f4a3f928adfa8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 google access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization content-length 21 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET H/1.1	200 OK	button.856debeac157d9669cf51e73a08fbc93.js Show response platform.twitter.com/js/	8 KB 3 KB	12ms 12ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67D3) / Resource Hash 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Sun, 12 May 2024 09:15:38 GMT Content-Encoding gzip Age 4172974 x-amz-server-side-encryption AES256 X-Cache HIT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Content-Length 2620 Last-Modified Mon, 11 Dec 2023 17:19:47 GMT Server ECS (frb/67D3) Etag "fdf02dd038ed38dbf3c240d56262af0c+gzip" Vary Accept-Encoding Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * x-tw-cdn VZ Cache-Control public, max-age=315360000
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D113428%26time%3D1715505338834%26url%3Dhttps%253A%252F%252Fnetenrich.com%252Fblog%... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true&e_ipv...	0 266 B	229ms 159ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true&e_ipv6=AQKm6rRp9uIvmgAAAY9sFhwtra1OlCSc7DwpmL9tk_w21b5hGzrPlxYCntlU4zYq Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers date Sun, 12 May 2024 09:15:39 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: DCEE2436E134453EA9C25771676C67C2 Ref B: FRAEDGE1421 Ref C: 2024-05-12T09:15:39Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-ltx1 x-li-proto http/2 content-length 0 x-li-uuid AAYYPjZhXkPKtwISqqu+qA== Redirect headers date Sun, 12 May 2024 09:15:39 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 795E73154A1A4CADBFC3B1E7B6053531 Ref B: FRAEDGE1213 Ref C: 2024-05-12T09:15:39Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1715505338834&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true&e_ipv6=AQKm6rRp9uIvmgAAAY9sFhwtra1OlCSc7DwpmL9tk_w21b5hGzrPlxYCntlU4zYq x-li-proto http/2 content-length 0 x-li-uuid AAYYPjZd8yGWLzxjdeLDYg==
GET H2	200	netenrich.com.json Show response script.crazyegg.com/pages/data-scripts/0099/8170/site/	19 KB 3 KB	49ms 29ms	XHR application/json	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0099/8170/site/netenrich.com.json?t=1 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0099/8170.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 349b7ed6255d38731c904feb3b1434b414df8afb6645c20d6640cc83aeb14bb0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip cf-cache-status HIT age 93599 ce-version 11.5.210 content-length 3255 last-modified Sat, 11 May 2024 07:15:39 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 88294e2fef0a9036-FRA
GET H/1.1	200 OK	tweet_button.2f70fb173b9000da126c79afe2098f02.en.html platform.twitter.com/widgets/ Frame EE5B	0 0	8ms 8ms	Document text/html	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67BD) / Resource Hash Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 4172947 Cache-Control public, max-age=315360000 Content-Encoding gzip Content-Length 12332 Content-Type text/html; charset=utf-8 Date Sun, 12 May 2024 09:15:38 GMT Etag "e29e65db7bf0a096587728e1faacfd9c+gzip" Last-Modified Mon, 11 Dec 2023 17:19:48 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (frb/67BD) Server-Timing x-cache;desc= HIT,x-tw-cdn;desc=VZ Vary Accept-Encoding X-Cache HIT x-amz-server-side-encryption AES256 x-tw-cdn VZ
GET H2	200	embeds syndication.twitter.com/i/jot/	43 B 292 B	132ms 112ms	Image image/gif	104.244.42.8 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Netenrich%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1715505338856%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=ad8f1d547af19c446b4bd6ace55f0fd1f29d7cd2 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.8 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 103 date Sun, 12 May 2024 09:15:37 GMT strict-transport-security max-age=631138519 last-modified Sun, 12 May 2024 09:15:38 GMT server tsa_o vary Origin content-type image/gif x-transaction-id 11264463d3edfd43 cache-control must-revalidate, max-age=600 perf 7402827104 x-connection-hash 671fe379e4124b3d13a24139a2fd3a3aa872bb2c7a52ebc507cda6f01db8eb3f content-length 43
GET H2	200	/ tr-rc.lfeeder.com/	43 B 294 B	94ms 61ms	Image image/gif	18.173.187.39 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://tr-rc.lfeeder.com/?sid=lYNOR8xpgOq8WQJZ&data=eyJnYVRyYWNraW5nSWRzIjpbIlVBLTE2OTYxMTAyOS0xIl0sImdhTWVhc3VyZW1lbnRJZHMiOlsiRy0wWktORzYzWVZUIl0sImdhQ2xpZW50SWRzIjpbIjQwMDI2NTA1Mi4xNzE1NTA1MzM4Il0sImNvbnRleHQiOnsibGlicmFyeSI6eyJuYW1lIjoibGZ0cmFja2VyIiwidmVyc2lvbiI6IjIuNjIuMyJ9LCJwYWdlVXJsIjoiaHR0cHM6Ly9uZXRlbnJpY2guY29tL2Jsb2cvZGlzY292ZXJpbmctdGhlLWFkaHVibGxrYS1yYW5zb213YXJlLWZhbWlseSIsInBhZ2VUaXRsZSI6IklkZW50aWZ5aW5nIEFESFVCTExLQSBSYW5zb213YXJlOiBMT0xLRUssIEJJVCwgT0JaLCBVMkssIFRaVyBWYXJpYW50cyIsInJlZmVycmVyIjoiIn0sImV2ZW50IjoidHJhY2tpbmctZXZlbnQiLCJjbGllbnRFdmVudElkIjoiYzIwYzk5ZTVhMjRjMWRlYyIsInNjcmlwdElkIjoibFlOT1I4eHBnT3E4V1FKWiIsImNvb2tpZXNFbmFibGVkIjp0cnVlLCJjb25zZW50TGV2ZWwiOiJub25lIiwiYW5vbnltaXplSXAiOmZhbHNlLCJsZkNsaWVudElkIjoiTEYxLjEuZTk0ZDVhZjAxYTFmMjgyMy4xNzE1NTA1MzM4ODcxIiwiZm9yZWlnbkNvb2tpZXMiOltdLCJwcm9wZXJ0aWVzIjp7fSwiYXV0b1RyYWNraW5nRW5hYmxlZCI6dHJ1ZSwiYXV0b1RyYWNraW5nTW9kZSI6InNwYSJ9 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.173.187.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-173-187-39.muc50.r.cloudfront.net Software CloudFront / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT via 1.1 0b2ae559ee268e62d32798bba4c8c014.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop MUC50-P4 x-cache LambdaGeneratedResponse from cloudfront content-type image/gif content-length 43 x-amz-cf-id 3AWXuNu1jV13ma1OFJHoRwjLSUZLmKYm6lTLjT7JVpPOSpyZoJfdXg==
GET H2	200	2e23b996f30aa45a4331ff625e76329e.js Show response script.crazyegg.com/pages/versioned/common-scripts/	95 KB 31 KB	18ms 18ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0099/8170.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dd63265ed07d13fa2b0422ae4b2324ba4a8ff29bf5460b90c09d7cdaa8bd568b Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 30 Apr 2024 18:50:58 GMT server cloudflare age 123954 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes timing-allow-origin * cf-ray 88294e301fca9be0-FRA content-length 31432
GET H2	200	netenrich.com.json Show response script.crazyegg.com/pages/data-scripts/0099/8170/sampling/	160 B 241 B	22ms 22ms	XHR application/json	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/data-scripts/0099/8170/sampling/netenrich.com.json?t=476529 Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55568372563c02bbed3f4e3ecfabb294c9cbd7840b5b580434e456fe4effe942 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip cf-cache-status HIT age 4863 ce-version 11.5.210 content-length 148 last-modified Sun, 12 May 2024 07:54:35 GMT server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers CE-Version cache-control public, max-age=300, s-maxage=1209600 accept-ranges bytes timing-allow-origin * cf-ray 88294e304f6e9036-FRA
GET H2	200	healthcheck Show response pagestates-tracking.crazyegg.com/	19 B 462 B	33ms 8ms	XHR application/json	54.230.228.39 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pagestates-tracking.crazyegg.com/healthcheck Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.39 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-39.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 20 Sep 2023 01:43:28 GMT via 1.1 59c812f2c62b260446c519ec0c6279cc.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 20331131 x-cache Hit from cloudfront content-length 19 last-modified Fri, 08 Jul 2022 22:25:51 GMT server AmazonS3 etag "d06f04fccf68d0b228a5923187ce1afd" access-control-max-age 31536000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin accept-ranges bytes x-amz-cf-id yztbXSsUEMFN7l3LCXrlrKzE8EXfvXZvkhvno1oqbKLAl9jyJbOoIw==
GET H2	200	healthcheck Show response assets-tracking.crazyegg.com/	19 B 462 B	31ms 7ms	XHR application/json	54.230.228.113 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-tracking.crazyegg.com/healthcheck Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.230.228.113 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-230-228-113.muc50.r.cloudfront.net Software AmazonS3 / Resource Hash 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 20 Dec 2023 01:23:29 GMT via 1.1 38f46facdae93530546676e451869f4c.cloudfront.net (CloudFront) x-amz-cf-pop MUC50-P5 age 12469930 x-cache Hit from cloudfront content-length 19 last-modified Fri, 08 Jul 2022 22:25:51 GMT server AmazonS3 etag "d06f04fccf68d0b228a5923187ce1afd" access-control-max-age 31536000 access-control-allow-methods GET, HEAD content-type application/json access-control-allow-origin * access-control-expose-headers Access-Control-Allow-Origin accept-ranges bytes x-amz-cf-id 4WoVn5m5EkzOb9Dg8zx_-t2TmBl7r7_8pm2M_Wql5ZB6-Vv5HhfR3w==
GET BLOB	200 OK	0bb2b8f9-26d2-4286-bbba-b750417be3a4 https://netenrich.com/	45 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://netenrich.com/0bb2b8f9-26d2-4286-bbba-b750417be3a4 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 45 Content-Type text/javascript
GET H2	200	clock Show response tracking.crazyegg.com/	39 B 146 B	138ms 70ms	XHR text/plain	63.32.181.161 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tracking.crazyegg.com/clock?t=1715505338988&tk=1d0f90711c001cd9bf03498991113cee&s=367242&p=%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&u=998170&v=a6923c06cb0d731589b0de8401f09e2a0bca48d8&f=netenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&ul=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/versioned/common-scripts/2e23b996f30aa45a4331ff625e76329e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 63.32.181.161 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-181-161.eu-west-1.compute.amazonaws.com Software awselb/2.0 / Resource Hash a299dcfa1ad61752c6172fdbc7064e0a2988a019fc6eff2f5f02b962ae4bae74 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers access-control-allow-origin * date Sun, 12 May 2024 09:15:39 GMT cache-control no-store server awselb/2.0 content-length 39 content-type text/plain
GET H2	200	clarity.js Show response www.clarity.ms/s/0.7.32/	61 KB 26 KB	14ms 14ms	Script application/javascript	2620:1ec:bdf::45 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.clarity.ms/s/0.7.32/clarity.js Requested by Host: www.clarity.ms URL: https://www.clarity.ms/tag/42oln8temh?ref=gtm2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding br last-modified Fri, 10 May 2024 17:30:20 GMT etag W/"0x8DC7116DE09E645" vary Accept-Encoding x-azure-ref 20240512T091538Z-1675f555588fd2w4rqst5bczhw0000000ct0000000010820 content-type application/javascript;charset=utf-8 access-control-allow-origin * x-ms-request-id a3598f78-501e-0064-5e0b-a3df43000000 cache-control public, max-age=86400 x-cache TCP_HIT x-ms-version 2018-03-28 x-fd-int-roxy-purgeid 51562430
GET H2	200	destinations.min.js Show response x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/	0 21 B	241ms 203ms	Script application/javascript	18.158.205.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/destinations.min.js Requested by Host: tag.clearbitscripts.com URL: https://tag.clearbitscripts.com/v1/pk_b1a4bd8b467a95966f5c0565871ccd15/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-205-16.eu-central-1.compute.amazonaws.com Software Clearbit / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-envoy-response-flags - server Clearbit content-type application/javascript;charset=utf-8 cache-control private, max-age=600 content-length 0
GET H2	200	tracking.min.js Show response x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/	168 KB 45 KB	230ms 192ms	Script application/javascript	18.158.205.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/tracking.min.js Requested by Host: tag.clearbitscripts.com URL: https://tag.clearbitscripts.com/v1/pk_b1a4bd8b467a95966f5c0565871ccd15/tags.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-158-205-16.eu-central-1.compute.amazonaws.com Software Clearbit / Resource Hash 54c646a9f2c8d222be1292c26771328e9064cb23de26e771a493644987600361 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control private, max-age=600
POST H/1.1	204 No Content	collect Show response u.clarity.ms/	0 293 B	490ms 209ms	XHR text/plain	4.227.249.197 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://u.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/x-clarity-gzip Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://netenrich.com Date Sun, 12 May 2024 09:15:39 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
GET H2	200	dda53996456118190a640875fa0663b1.js Show response script.crazyegg.com/pages/versioned/trackingpagestate-scripts/	20 KB 8 KB	19ms 19ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0099/8170.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 08 May 2024 20:11:58 GMT server cloudflare age 123956 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes timing-allow-origin * cf-ray 88294e31993f9be0-FRA content-length 8015
GET BLOB	200 OK	868471c5-9a47-4304-aff8-a453cbc3de4f https://netenrich.com/	241 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://netenrich.com/868471c5-9a47-4304-aff8-a453cbc3de4f Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 49dd51efa6cf7deacbe8ffc88e4d1149f6a69a5d6da403ea5f97dda990a0fe00 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Length 241 Content-Type text/javascript
GET H2	200	bd3cf4fdad82d5b7119c9bb8c5d92327.js Show response script.crazyegg.com/pages/versioned/tracking-scripts/	95 KB 30 KB	21ms 21ms	Script text/javascript	2606:4700::6813:9308 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.crazyegg.com/pages/versioned/tracking-scripts/bd3cf4fdad82d5b7119c9bb8c5d92327.js Requested by Host: script.crazyegg.com URL: https://script.crazyegg.com/pages/scripts/0099/8170.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef774bedbe77e522d4744a3309c90dbbc745df5253eb4972485898ba8ccf9bdd Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT content-encoding gzip cf-cache-status HIT last-modified Wed, 08 May 2024 20:11:55 GMT server cloudflare age 123955 vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000, s-maxage=31536000 accept-ranges bytes timing-allow-origin * cf-ray 88294e31c9629be0-FRA content-length 30761
GET H3	200	counters.gif perf-na1.hsforms.com/embed/v3/	35 B 579 B	114ms 114ms	Image image/gif	104.19.175.188 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://perf-na1.hsforms.com/embed/v3/counters.gif?key=interactive-shown&value=1 Requested by Host: netenrich.com URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Protocol H3 Security QUIC, , AES_128_GCM Server 104.19.175.188 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status MISS x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 217d0c60-d437-4407-860d-11df0f22a4be x-envoy-upstream-service-time 2 alt-svc h3=":443"; ma=86400 content-length 35 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 217d0c60-d437-4407-860d-11df0f22a4be last-modified Sun, 12 May 2024 09:15:39 GMT server cloudflare vary origin, Accept-Encoding content-type image/gif x-evy-trace-virtual-host all x-evy-trace-served-by-pod iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rcnzv access-control-expose-headers X-Origin-Hublet cache-control max-age=0, no-cache, no-store access-control-allow-credentials false accept-ranges bytes x-robots-tag none cf-ray 88294e320b73373e-FRA
POST H2	200	p Show response app.clearbit.com/v1/	16 B 1 KB	202ms 178ms	XHR application/json	3.127.196.46 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.clearbit.com/v1/p Requested by Host: x.clearbitjs.com URL: https://x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/tracking.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-127-196-46.eu-central-1.compute.amazonaws.com Software Clearbit / Resource Hash c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain Response headers date Sun, 12 May 2024 09:15:38 GMT content-encoding gzip x-content-type-options nosniff x-envoy-response-flags - server Clearbit strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding, Origin access-control-max-age 7200 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://netenrich.com access-control-expose-headers content-security-policy-report-only default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none'; access-control-allow-credentials true content-type application/json
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 193 B	158ms 158ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 3662F02C7EEF46399785D3A46D30B1D3 Ref B: FRAEDGE1213 Ref C: 2024-05-12T09:15:39Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-ltx1 access-control-allow-origin https://netenrich.com x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYYPjZj0+uR32SxBg73fg==
GET H2	200	__ptq.gif track.hubspot.com/	45 B 1 KB	140ms 129ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=128884&pi=131497384969&ct=blog-post&ccu=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cpi=131497384969&cgi=333284061&lpi=131497384969&lvi=131497384969&lvc=en&pu=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&t=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&cts=1715505339823&vi=491ac4ba72c701b3e5199eab7ec27a9e&nc=true&u=64409904.491ac4ba72c701b3e5199eab7ec27a9e.1715505339820.1715505339820.1715505339820.1&b=64409904.1.1715505339821&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id e67cd31b-cada-4f61-9585-c97bb8f3cf02 p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 5 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id e67cd31b-cada-4f61-9585-c97bb8f3cf02 server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mfi8TCC6vwUGje6gUDeSHTscUcLQaKKzOSl5xvC%2F3QNCCAopSFRikjV3wmp%2FjdKid5CkR1%2BLOdp2uomIqXS%2F9Bry4I50sJK5vuLb0Z52PtDFwGmv9oBXtzS9MwypUnuAtZ%2F5ihpe1MNdBjP4jkgM"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-fn8tt x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 88294e360a7d1e20-FRA x-robots-tag none
GET H2	200	__ptq.gif track.hubspot.com/	45 B 833 B	137ms 131ms	Image image/gif	2606:4700::6810:7574 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://track.hubspot.com/__ptq.gif?k=15&fi=2cdeda77-b5d1-4d8e-9b86-d734e175d511&fci=34743fce-617f-49dd-9623-8fd8e6f3673a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=2492303821&v=1.1&a=128884&pi=131497384969&ct=blog-post&ccu=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cpi=131497384969&cgi=333284061&lpi=131497384969&lvi=131497384969&lvc=en&pu=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&t=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&cts=1715505339828&vi=491ac4ba72c701b3e5199eab7ec27a9e&nc=true&u=64409904.491ac4ba72c701b3e5199eab7ec27a9e.1715505339820.1715505339820.1715505339820.1&b=64409904.1.1715505339821&cc=15 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-evy-trace-route-service-name envoyset-translator x-hubspot-correlation-id 5288eed7-f0b2-45e8-9be3-dbc4f0c99e7e p3p CP="NOI CUR ADM OUR NOR STA NID" x-envoy-upstream-service-time 4 content-length 45 x-evy-trace-route-configuration listener_https/all x-evy-trace-listener listener_https x-request-id 5288eed7-f0b2-45e8-9be3-dbc4f0c99e7e server cloudflare vary origin, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrlYixcqdjPoTZkr4sr%2FubgnDYbDyH2B%2FyuWYEwUv4s8hfFF3ex%2FeJTwgrxggjc9xbqnWgu3EmcvKrnQuBlcSsNDz8S%2FGBMr2R5czuDJm9onpfPLs%2Fp9KR%2B5bqVFALw1cseAZ8fIj9gL2MhU%2FYVQ"}],"group":"cf-nel","max_age":604800} content-type image/gif x-evy-trace-served-by-pod iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-zw6hg x-evy-trace-virtual-host all cache-control no-cache, no-store, no-transform access-control-allow-credentials false cf-ray 88294e360a7b1e20-FRA x-robots-tag none
GET DATA	200 OK	truncated /	371 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 126f3dcbd089125cb9ced50c741a5f3c179321e3d0e31bc276c2df2b097da34c Request headers Referer Origin https://netenrich.com Accept-Language de-DE,de;q=0.9;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	share_button.php www.facebook.com/v3.0/plugins/ Frame 4586	0 0	508ms 477ms	Document text/html	2a03:2880:f177:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/v3.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa32eb1cd1ad7f7ec%26domain%3Dnetenrich.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnetenrich.com%252Ff2078f2e0400a01f3%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&layout=button_count&locale=en_GB&sdk=joey Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_GB/sdk.js?hash=ca63dbde99335326d46b63565efe3e7f Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding zstd content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-type text/html; charset="utf-8" cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" cross-origin-resource-policy cross-origin date Sun, 12 May 2024 09:15:40 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v13.0 origin-agent-cluster ?0 permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" pragma no-cache report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-connection-quality EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1294, tbw=2795, tp=-1, tpl=-1, uplat=469, ullat=0 x-fb-debug O5wBnDXoe/sAEDCU01oZs2Zpac/YSO7LpMvyAqepKOyHxt4b3HTKY1TLsjC3zRQggbA3lx414rigDSLS0kJU8g== x-xss-protection 0
GET H2	200	c.gif c.clarity.ms/ Redirect Chain https://c.clarity.ms/c.gif https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=5EB011A73C81410BB2F961990818CA15&RedC=c.clarity.ms&MXFR=3A326E1C77F264261F5C7A6173F26A39 https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5EB011A73C81410BB2F961990818CA15&MUID=3643829852926AFB0AC896E5533E6B19	42 B 442 B	26ms 26ms	Image image/gif	68.219.88.97 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5EB011A73C81410BB2F961990818CA15&MUID=3643829852926AFB0AC896E5533E6B19 Protocol H2 Server 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Response headers pragma no-cache date Sun, 12 May 2024 09:15:39 GMT last-modified Fri, 01 Mar 2024 22:54:48 GMT server Microsoft-IIS/10.0 etag "3e26b762b6cda1:0" x-powered-by ASP.NET content-type image/gif p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" cache-control private, no-cache, proxy-revalidate, no-store accept-ranges bytes content-length 42 Redirect headers pragma no-cache date Sun, 12 May 2024 09:15:39 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: E327460866044F39AA87B1DC93EBA225 Ref B: FRA31EDGE0814 Ref C: 2024-05-12T09:15:39Z x-powered-by ASP.NET x-cache CONFIG_NOCACHE p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" location https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=5EB011A73C81410BB2F961990818CA15&MUID=3643829852926AFB0AC896E5533E6B19 cache-control private, no-cache, proxy-revalidate, no-store content-length 0
GET H3	200	js Show response www.googletagmanager.com/gtag/	191 KB 69 KB	27ms 24ms	Script application/javascript	142.250.181.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-169611029-1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f8.1e100.net Software Google Tag Manager / Resource Hash 4289c13d9082477e664876112b583bd2e4212470631e7af55aabd5e45aaa8fbe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 09:15:39 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 70958 x-xss-protection 0 last-modified Sun, 12 May 2024 09:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 May 2024 09:15:39 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 0	0ms 0ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-169611029-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Sun, 12 May 2024 08:07:49 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 4069 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 12 May 2024 10:07:49 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	10ms 9ms	Image image/gif	142.250.185.142 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=732247585&t=pageview&_s=1&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&ul=de-de&de=UTF-8&dt=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDgAAQABAAAAAAAAIk~&cid=400265052.1715505338&tid=UA-169611029-1&_gid=368634007.1715505340&gtm=457e4580za200&gcs=G100&gcd=13p3p3p2p5&dma_cps=-&dma=1&did=dZTQ1Zm&gdid=dZTQ1Zm&jsscut=1&npa=1&z=1121809743 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.142 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f14.1e100.net Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Sat, 11 May 2024 16:52:47 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 58972 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H/1.1	204 No Content	collect Show response u.clarity.ms/	0 293 B	96ms 95ms	XHR text/plain	4.227.249.197 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://u.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/x-clarity-gzip Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://netenrich.com Date Sun, 12 May 2024 09:15:40 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
GET H2	200	1X.png 128884.fs1.hubspotusercontent-na1.net/hubfs/128884/	336 B 1 KB	89ms 70ms	Other image/webp	2606:4700:4400::6812:297c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://128884.fs1.hubspotusercontent-na1.net/hubfs/128884/1X.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e6e8656b00fd547e80d9ce58ba5e4707b3e8f530683698d43f36f829000afab2 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-meta-cache-tag F-90235424062,P-128884,FLS-ALL age 9697 x-amz-request-id WD5A6EPJZ0CTMZQ1 x-amz-server-side-encryption AES256 edge-cache-tag F-90235424062,P-128884,FLS-ALL x-amz-replication-status COMPLETED content-disposition inline; filename="1X.webp" x-hs-cf-lambda us-east-1.EnforceAclForReads 3 cf-bgj imgq:85,h2pri etag "cf2622308dcc2346f116732ab9b3c4c9" vary Accept, Accept-Encoding access-control-allow-methods GET content-type image/webp access-control-allow-origin * x-amz-meta-created-unix-time-millis 1667380153055 cache-control s-maxage=2592000, max-age=1209600, stale-while-revalidate=900 x-robots-tag none x-hs-cf-lambda-enforce us-east-1.EnforceAclForReads 3 date Sun, 12 May 2024 09:15:40 GMT via 1.1 f59e52adbf3a58a76dec03547cb4b34c.cloudfront.net (CloudFront) cf-cache-status HIT x-amz-version-id Mk2m5HLPgwzo8JUTxbjbpSCyNku9ChQp x-amz-cf-pop FRA60-P7 x-hs-alternate-content-type text/plain cf-polished origFmt=png, origSize=855 x-cache RefreshHit from cloudfront cache-tag F-90235424062,P-128884,FLS-ALL x-amz-meta-index-tag none x-amz-storage-class INTELLIGENT_TIERING content-length 336 x-amz-id-2 MreCMRbFYEJDzwGKkBlzpVubNmcBBQvNU7aKf0AyzOQE9Ei7zxnI6HPuV8gk6pA6GEpfCaAwYiU= last-modified Wed, 02 Nov 2022 09:09:14 GMT server cloudflare accept-ranges bytes cf-ray 88294e39fe719048-FRA timing-allow-origin 128884.fs1.hubspotusercontent-na1.net x-amz-cf-id e7H2rFR5uqHKf2tkpD4j-pYnntwcXDZ2iqM4WqMBFxbnApJJY4fXCg==
POST H3	402	collect scatec.io/	21 B 40 B	111ms 111ms	Ping text/plain	34.120.116.101 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://scatec.io/collect Requested by Host: scatec.io URL: https://scatec.io/t/app.js?id=e7e2c29a-fb48-47e3-97d3-fe4bdab50350&mode=gtm-template Protocol H3 Security QUIC, , AES_128_GCM Server 34.120.116.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 101.116.120.34.bc.googleusercontent.com Software / Resource Hash a137aa6f1c4d93d3b102967fec9732f985f310cbceefc12d4f4f4a3f928adfa8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-platform "Win32" Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sun, 12 May 2024 09:15:41 GMT strict-transport-security max-age=31536000; includeSubDomains via 1.1 google access-control-max-age 1728000 access-control-allow-methods GET, PUT, POST, DELETE, PATCH, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin * access-control-allow-credentials true access-control-allow-headers DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization content-length 21 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
POST H/1.1	204 No Content	collect Show response u.clarity.ms/	0 293 B	92ms 92ms	XHR text/plain	4.227.249.197 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://u.clarity.ms/collect Requested by Host: www.clarity.ms URL: https://www.clarity.ms/s/0.7.32/clarity.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 4.227.249.197 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Accept application/x-clarity-gzip Referer https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Access-Control-Allow-Origin https://netenrich.com Date Sun, 12 May 2024 09:15:42 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Vary Origin Request-Context appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
POST		collect region1.google-analytics.com/g/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

region1.google-analytics.com

URL

https://region1.google-analytics.com/g/collect?v=2&tid=G-0ZKNG63YVT&gtm=45je4580v869853017z8830664036za200&_p=1715505338070&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&gdid=dZTQ1Zm&cid=400265052.1715505338&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=denied&_eu=AAAC&_s=2&sid=1715505338&sct=1&seg=1&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&dt=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&en=page_view&ep.false=true&_et=542&tfd=5999