netenrich.com Open in urlscan Pro
2606:4700::6812:1dd4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Submission: On June 14 via manual (June 14th 2024, 1:10:57 pm UTC) from US — Scanned from DE

Summary HTTP 134 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 48 IPs in 4 countries across 32 domains to perform 134 HTTP transactions. The main IP is 2606:4700::6812:1dd4, located in United States and belongs to CLOUDFLARENET, US. The main domain is netenrich.com. The Cisco Umbrella rank of the primary domain is 265675.
TLS certificate: Issued by GTS CA 1P5 on May 10th 2024. Valid for: 3 months.

This is the only time netenrich.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	2606:4700::68... 2606:4700::6812:1dd4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	104.18.88.62 104.18.88.62	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::ac40:9284	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2 3	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:2800:233... 2606:2800:233:66b5:799a:7cd3:f74d:7071	15133 (EDGECAST) (EDGECAST)
19	104.18.29.212 104.18.29.212	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6811:af5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:440... 2606:4700:4400::6812:297c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6810:6efe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:afc9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 12	2606:4700::68... 2606:4700::6810:7674	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4e8e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.18.80.204 104.18.80.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:f36c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2823	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	34.120.116.101 34.120.116.101	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.16.118.43 104.16.118.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:267... 2600:9000:2670:8800:7:d7d6:3c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:ac00:4:d7e1:700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:29:1... 2620:1ec:29:1::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:7574	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.175.252 104.19.175.252	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.239.83.66 18.239.83.66	16509 (AMAZON-02) (AMAZON-02)
2	3.127.196.46 3.127.196.46	16509 (AMAZON-02) (AMAZON-02)
1	18.158.205.16 18.158.205.16	16509 (AMAZON-02) (AMAZON-02)
1	13.35.58.27 13.35.58.27	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.45 18.66.122.45	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	20.114.190.119 20.114.190.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.248.94.5 34.248.94.5	16509 (AMAZON-02) (AMAZON-02)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	216.58.212.136 216.58.212.136	15169 (GOOGLE) (GOOGLE)
1	216.58.206.46 216.58.206.46	15169 (GOOGLE) (GOOGLE)
134	48

8 2606:4700::6812:1dd4 (United States)

ASN13335 (CLOUDFLARENET, US)

netenrich.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.18.88.62 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn2.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::ac40:9284 (United States)

ASN13335 (CLOUDFLARENET, US)

39666904.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:f8cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:66b5:799a:7cd3:f74d:7071 (United States)

ASN15133 (EDGECAST, US)

platform.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.18.29.212 (None, )

ASN13335 (CLOUDFLARENET, US)

netenrich.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:af5b (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:4400::6812:297c (United States)

ASN13335 (CLOUDFLARENET, US)

128884.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
39666904.fs1.hubspotusercontent-na1.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:6efe (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:afc9 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6810:7674 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

js.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cta-service-cms2.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4e8e (United States)

ASN13335 (CLOUDFLARENET, US)

js.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.80.204 (None, )

ASN13335 (CLOUDFLARENET, US)

forms-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
perf-na1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:f36c (United States)

ASN13335 (CLOUDFLARENET, US)

api-na1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2823 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.116.101 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 101.116.120.34.bc.googleusercontent.com

scatec.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.118.43 (None, )

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2670:8800:7:d7d6:3c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.clearbitscripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:ac00:4:d7e1:700:93a1 (United States)

ASN16509 (AMAZON-02, US)

sc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:29:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7574 (United States)

ASN13335 (CLOUDFLARENET, US)

app.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.175.252 (None, )

ASN13335 (CLOUDFLARENET, US)

128884.hs-sites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.83.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-83-66.ams58.r.cloudfront.net

tr-rc.lfeeder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.196.46 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-196-46.eu-central-1.compute.amazonaws.com

x.clearbitjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.158.205.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

app.clearbit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.58.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-27.fra60.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-45.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

x.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.94.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-94-5.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.136 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f136.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.46 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	netenrich.com netenrich.com — Cisco Umbrella Rank: 265675	729 KB
13	hubspot.com 4 redirects js.hubspot.com — Cisco Umbrella Rank: 4636 cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 4672 app.hubspot.com — Cisco Umbrella Rank: 6048 static.hubspot.com — Cisco Umbrella Rank: 23759 track.hubspot.com — Cisco Umbrella Rank: 2789	46 KB
12	hubspot.net cdn2.hubspot.net — Cisco Umbrella Rank: 9928	127 KB
9	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 3003 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 6741 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 6587 tracking.crazyegg.com — Cisco Umbrella Rank: 5463	80 KB
9	hubspotusercontent-na1.net 39666904.fs1.hubspotusercontent-na1.net — Cisco Umbrella Rank: 196548 128884.fs1.hubspotusercontent-na1.net	174 KB
8	linkedin.com 4 redirects platform.linkedin.com — Cisco Umbrella Rank: 3751 px.ads.linkedin.com — Cisco Umbrella Rank: 352 www.linkedin.com — Cisco Umbrella Rank: 558 px4.ads.linkedin.com — Cisco Umbrella Rank: 6457	164 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 776 x.clarity.ms — Cisco Umbrella Rank: 7537 c.clarity.ms — Cisco Umbrella Rank: 1472	28 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
6	hsforms.com forms-na1.hsforms.com — Cisco Umbrella Rank: 8105 forms.hsforms.com — Cisco Umbrella Rank: 5216 perf-na1.hsforms.com — Cisco Umbrella Rank: 4902	4 KB
5	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1430 syndication.twitter.com — Cisco Umbrella Rank: 1670	31 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6185	53 KB
4	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2567	27 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	159 KB
3	scatec.io scatec.io — Cisco Umbrella Rank: 46604	10 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	4 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1017	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	289 KB
2	clearbitjs.com x.clearbitjs.com — Cisco Umbrella Rank: 19795	45 KB
2	lfeeder.com sc.lfeeder.com — Cisco Umbrella Rank: 17529 tr-rc.lfeeder.com — Cisco Umbrella Rank: 22119	11 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 5335 forms.hscollectedforms.net — Cisco Umbrella Rank: 5451	25 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 226	763 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 136	64 B
1	clearbit.com app.clearbit.com — Cisco Umbrella Rank: 20840	1 KB
1	hs-sites.com 128884.hs-sites.com
1	gstatic.com fonts.gstatic.com	24 KB
1	clearbitscripts.com tag.clearbitscripts.com — Cisco Umbrella Rank: 16529	5 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 5178	2 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 958	17 KB
1	hubapi.com api-na1.hubapi.com — Cisco Umbrella Rank: 36417	896 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	865 B
1	usemessages.com js.usemessages.com — Cisco Umbrella Rank: 5805	24 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2600	24 KB
134	32

	Domain	Requested by
27	netenrich.com	netenrich.com js.usemessages.com
12	cdn2.hubspot.net	netenrich.com
7	39666904.fs1.hubspotusercontent-na1.net	netenrich.com static.hsappstatic.net
6	script.crazyegg.com	www.googletagmanager.com script.crazyegg.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	static.hsappstatic.net	netenrich.com
4	www.google-analytics.com	www.googletagmanager.com netenrich.com
4	cta-service-cms2.hubspot.com	2 redirects js.hubspot.com
4	js.hs-banner.com	netenrich.com js.hs-banner.com
4	platform.twitter.com	netenrich.com platform.twitter.com
4	connect.facebook.net	netenrich.com connect.facebook.net
3	perf-na1.hsforms.com	netenrich.com
3	scatec.io	www.googletagmanager.com netenrich.com scatec.io
3	www.facebook.com	connect.facebook.net netenrich.com
3	app.hubspot.com	netenrich.com js.usemessages.com js.hubspot.com
3	unpkg.com	2 redirects netenrich.com
3	www.googletagmanager.com	netenrich.com www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	track.hubspot.com
2	x.clarity.ms	www.clarity.ms
2	region1.google-analytics.com	www.googletagmanager.com
2	x.clearbitjs.com	tag.clearbitscripts.com
2	static.hubspot.com	2 redirects
2	www.clarity.ms	netenrich.com www.clarity.ms
2	forms-na1.hsforms.com	netenrich.com
2	js.hubspot.com	netenrich.com 39666904.fs1.hubspotusercontent-na1.net
2	128884.fs1.hubspotusercontent-na1.net	cdn2.hubspot.net
1	c.bing.com	1 redirects
1	tracking.crazyegg.com	script.crazyegg.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	app.clearbit.com	x.clearbitjs.com
1	tr-rc.lfeeder.com	netenrich.com
1	px4.ads.linkedin.com	netenrich.com
1	www.linkedin.com	1 redirects
1	syndication.twitter.com	netenrich.com
1	128884.hs-sites.com	js.hubspot.com
1	fonts.gstatic.com	fonts.googleapis.com
1	sc.lfeeder.com	netenrich.com
1	tag.clearbitscripts.com	www.googletagmanager.com
1	ws.zoominfo.com	netenrich.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	netenrich.com
1	api-na1.hubapi.com	netenrich.com
1	fonts.googleapis.com	js.hs-banner.com
1	forms.hscollectedforms.net	js.hscollectedforms.net
1	js.usemessages.com	netenrich.com
1	js.hs-analytics.net	netenrich.com
1	js.hscollectedforms.net	netenrich.com
1	platform.linkedin.com	netenrich.com
134	51

This site contains links to these domains. Also see Links.

Domain
support.netenrich.com
www.netenrich.com
know.netenrich.com
cta-service-cms2.hubspot.com
twitter.com
yip.su
www.joesandbox.com
www.pcrisk.com
www.facebook.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
netenrich.com GTS CA 1P5	`2024-05-10` - `2024-08-08`	3 months	crt.sh
hubspot.net Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
hubspotusercontent-na1.net Cloudflare Inc ECC CA-3	`2023-12-26` - `2024-12-25`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
platform.linkedin.com DigiCert SHA2 Secure Server CA	`2023-07-11` - `2024-07-10`	a year	crt.sh
hsappstatic.net E1	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-23` - `2024-06-21`	3 months	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-28` - `2024-07-26`	a year	crt.sh
hscollectedforms.net E1	`2024-05-27` - `2024-08-25`	3 months	crt.sh
hs-analytics.net WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
hubspot.com E1	`2024-05-23` - `2024-08-21`	3 months	crt.sh
usemessages.com E5	`2024-06-10` - `2024-09-08`	3 months	crt.sh
hs-banner.com E1	`2024-05-30` - `2024-08-28`	3 months	crt.sh
hsforms.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
hubapi.com E1	`2024-05-04` - `2024-08-02`	3 months	crt.sh
script.crazyegg.com E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
scatec.io GTS CA 1D4	`2024-04-19` - `2024-07-18`	3 months	crt.sh
zoominfo.com E1	`2024-05-20` - `2024-08-18`	3 months	crt.sh
clearbitscripts.com Amazon RSA 2048 M03	`2024-05-11` - `2025-06-08`	a year	crt.sh
*.lfeeder.com Amazon RSA 2048 M02	`2024-02-20` - `2025-03-20`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
hs-sites.com Cloudflare Inc ECC CA-3	`2024-03-10` - `2024-12-31`	10 months	crt.sh
syndication.twitter.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh
clearbitjs.com Amazon RSA 2048 M02	`2024-02-15` - `2025-03-16`	a year	crt.sh
clearbit.com Amazon RSA 2048 M03	`2024-02-15` - `2025-03-16`	a year	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2024-04-28` - `2025-05-27`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 6 frames:

Primary Page: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Frame ID: 1DE08D55357D623B69F6C627173E30C6
Requests: 129 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fnetenrich.com
Frame ID: 2D0897CCF17DD9DA6C9514F90A6F4821
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa2c16ee21fc95036%26domain%3Dnetenrich.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnetenrich.com%252Ff4945110058aa548b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&layout=button_count&locale=en_GB&sdk=joey
Frame ID: AFB79BAC32CB5A7D638A26BD8C744EAE
Requests: 1 HTTP requests in this frame

Frame: https://app.hubspot.com/conversations-visitor/128884/threads/utk/439a2b43cc594395a5e14766951f95b1?uuid=ba4a3a350a514b76886aa02c4f48c517&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=netenrich.com&inApp53=false&messagesUtk=439a2b43cc594395a5e14766951f95b1&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=true&hideScrollToButton=true
Frame ID: 3A3450ACDD2C91206BED87731367CC42
Requests: 1 HTTP requests in this frame

Frame: https://128884.hs-sites.com/hs-web-interactive-128884-167583958873?enableResponsiveStyles=true
Frame ID: E1C57FDDDF388627E8013943C0D77AAE
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: A8D10D45EFAABC6BCEDE6D3255094260
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Identifying ADHUBLLKA Ransomware: LOLKEK, BIT, OBZ, U2K, TZW Variants

Detected technologies

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.linkedin\.com/in\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

134
Requests

95 %
HTTPS

58 %
IPv6

32
Domains

51
Subdomains

48
IPs

4
Countries

2125 kB
Transfer

5393 kB
Size

44
Cookies

14 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

URL: https://www.netenrich.com/?__hstc=64409904.46ac73846210f8b7ce9c375d66591f53.1718370652863.1718370652863.1718370652863.1&__hssc=64409904.1.1718370652863&__hsfp=3598200494

Search URL Search Domain Scan URL

URL: https://know.netenrich.com/content/track/top-stories?__hstc=64409904.46ac73846210f8b7ce9c375d66591f53.1718370652863.1718370652863.1718370652863.1&__hssc=64409904.1.1718370652863&__hsfp=3598200494
Title: Knowledge Now (KNOW) threat intel

Search URL Search Domain Scan URL

URL: https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/click?encryptedPayload=AVxigLKoqeOkOLbKnJV5QJ6yRWX2CD6B%2BQaC49f6dp8FzE5B5G%2BIHFLpSX8GyePmdq1QmMzU8Y%2FJdtJZf1JmSeDmHhZArM4IWZSGuB1zimcJ%2FFnz5VZ2%2FkU8Fc%2F%2Bzzf2ZXBHGGuLw95Ha9TsFRNpbLZ9iBl%2F5xktjTnI0SVlpjWzHEbmJoCTUT1K4FerjzhJIaIXQEWorg%3D%3D&portalId=128884&pageUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&pageTitle=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&referrer=&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&hutk=46ac73846210f8b7ce9c375d66591f53&hssc=64409904.1.1718370652863&hstc=64409904.46ac73846210f8b7ce9c375d66591f53.1718370652863.1718370652863.1718370652863.1&pageId=131497384969&webInteractiveId=326434714387&containerType=EMBEDDED&analyticsPageId=131497384969&hsfp=3598200494&canonicalUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&contentType=blog-post
Title: CONTACT US

Search URL Search Domain Scan URL

URL: https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/click?encryptedPayload=AVxigLJ1KRLvMDjOOwS7D2e1CtG4wjepWphozSyU0W0tugVY%2FXJ7JBwy0JD9eWVAl9bzzAJGk1aXSkEKbtJG7YqFpoyQEu4n%2FBj4GiqbPdQDCo4e%2BpIg8XIX9znReEZu1H70HtyEXnPI%2FHAOHjG%2FQBMBOi9btEi0LpoWXfGc04I8RDBaL%2F4HdY19sQyWfSc02tg%3D&portalId=128884&pageUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&pageTitle=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&referrer=&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&hutk=46ac73846210f8b7ce9c375d66591f53&hssc=64409904.1.1718370652863&hstc=64409904.46ac73846210f8b7ce9c375d66591f53.1718370652863.1718370652863.1718370652863.1&pageId=131497384969&webInteractiveId=326434647444&containerType=EMBEDDED&analyticsPageId=131497384969&hsfp=3598200494&canonicalUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&contentType=blog-post
Title: SCHEDULE A DEMO

Search URL Search Domain Scan URL

URL: https://twitter.com/grujars/status/1220377483914235905
Title: appeared

Search URL Search Domain Scan URL

URL: https://yip.su/2QstD5
Title: https://yip.su/2QstD5

Search URL Search Domain Scan URL

URL: https://www.joesandbox.com/analysis/1283552/0/html
Title: Joe Sandbox Report

Search URL Search Domain Scan URL

URL: https://www.pcrisk.com/removal-guides/16797-adhubllka-ransomware
Title: confirmed

Search URL Search Domain Scan URL

URL: https://support.netenrich.com/hc/en-us?__hstc=64409904.46ac73846210f8b7ce9c375d66591f53.1718370652863.1718370652863.1718370652863.1&__hssc=64409904.1.1718370652863&__hsfp=3598200494&_gl=1*moss0b*_ga*MjAzODMwMy4xNjc3MDYxNTA5*_ga_0ZKNG63YVT*MTY4MDg2NTg5NC4xNi4xLjE2ODA4NjcwNDguNDkuMC4w
Title: Support

Search URL Search Domain Scan URL

URL: https://www.facebook.com/netenrich
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Netenrich

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/netenrich/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@netenrich
Title: YouTube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://unpkg.com/default-passive-events HTTP 302
https://unpkg.com/default-passive-events@2.0.0 HTTP 302
https://unpkg.com/default-passive-events@2.0.0/dist/index.umd.js

Request Chain 91

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=326434714387&containerType=EMBEDDED&portalId=128884&audienceId=null&pageUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&pageTitle=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&pageId=131497384969 HTTP 307
https://static.hubspot.com/img/trackers/blank001.gif HTTP 301
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

Request Chain 92

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=326434647444&containerType=EMBEDDED&portalId=128884&audienceId=null&campaignId=26dca121-75bf-48e4-8158-79ada2498518&pageUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&pageTitle=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&userAgent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F126.0.0.0+Safari%2F537.36&pageId=131497384969 HTTP 307
https://static.hubspot.com/img/trackers/blank001.gif HTTP 301
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

Request Chain 99

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D113428%26time%3D1718370650902%26url%3Dhttps%253A%252F%252Fnetenrich.com%252Fblog%252Fdiscovering-the-adhubllka-ransomware-family%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true&e_ipv6=AQL21rx5HN8BswAAAZAW31BLPqXoPPgMBFyEDMPyY9jsHM5Lpjy-zS-HKv13VG-SyICHBjE

Request Chain 124

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FF36ADD20D874F7DB4D34C8DA168A22A&RedC=c.clarity.ms&MXFR=054338FC177D66AE3F4B2C62137D6884 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FF36ADD20D874F7DB4D34C8DA168A22A&MUID=102A0587D9E06E370CBD1119D86B6F21

134 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request discovering-the-adhubllka-ransomware-family Show response
netenrich.com/blog/ 239 KB
37 KB 385ms
255ms Document
text/html 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6442d8f23160f841c939c658df9c64877a67ff6c596a13df125b439bcf73a61f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10800, max-age=0
cf-ray: 893a900d6f18690a-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Fri, 14 Jun 2024 13:10:49 GMT
edge-cache-tag: CT-131497384969,CG-128884,CG-333284061,P-128884,W-76605222706,CW-102551015997,CW-109981603486,CW-146212862572,CW-89841304858,CW-94707865239,E-89832012173,E-89832145677,E-89832528536,E-89832529306,E-89840403873,E-89840555887,E-89840581256,E-89840853842,E-90055683725,E-90056481369,E-90058492740,E-95437070235,MENU-103236192906,MENU-76605222706,PGS-ALL,SW-3,B-333284061,GC-102551218067,GC-109982188345,GC-90074376205,TS-90055265808
etag: W/"61b89c359ea387955fed8f175cd2393f"
last-modified: Sat, 08 Jun 2024 07:14:33 GMT
link: </hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js>; rel=preload; as=script,</hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script,</hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script,</_hcms/forms/v2.js>; rel=preload; as=script
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sspZ%2Bq5lH5jEZinAK2W0YKZgTEeyBvwYPdawDSGe2RE2GDPWsFCrd6KDhvgn84sMIqaQjEA%2Fhzy8Fsq06yg%2FOBqGvAVyXp1Xf0gbf3LjqL1Ek6%2FvdbcqDShZ%2FywIIwOlnLOGxrn0WZJsSnY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=10800, max-age=0
x-hs-cf-cache-status: MISS
x-hs-content-id: 131497384969
x-hs-hub-id: 128884
x-hs-prerendered: Sat, 08 Jun 2024 07:14:33 GMT

GET
H2 200 comment_listing_asset.js Show response
netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/js/ 8 KB
3 KB 112ms
110ms Script
application/javascript 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

043cfebfa4ec302e0368eadbae54853a5b6caff633b3d1e02a32f2cd2f71e1fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:49 GMT
content-encoding: gzip
via: 1.1 039ee779486557ccf22d128d6266e00e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 247215
x-amz-cf-pop: AMS58-P5
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: 4D3b_.jtdSCbU1XTktruWk73HT0wxWk7
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:09 GMT
server: cloudflare
etag: W/"2455723721db341ff86a4f64384a9c0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jRkJ11%2FvF5BLeN1arp7VblFX%2Bg4r0rY818ohtLnMx3TRjKJFKjzKt5cRzkNa6t0lnvM2d2W8Dd%2Feuee4fOh%2FYGWzzEbnJLXEowUyzZ5Zl2cgQhayx7ZBKaj6gqaetGeBcKcsLfz4f%2FmFIQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 893a900f190c690a-FRA
x-amz-cf-id: QhBdainyTkA71EgxLwV1G8Q4UE0bgsuqHFzj1tf-HC39bdXo95AOPQ==
expires: Sat, 14 Jun 2025 13:10:49 GMT

GET
H2 200 project.js Show response
netenrich.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/ 2 KB
964 B 113ms
112ms Script
application/javascript 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:49 GMT
content-encoding: gzip
via: 1.1 93c19401e4c3042840b49b10b9478098.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 8012978
x-amz-cf-pop: VIE50-P2
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: gEenO44eZUewxnIWfgj9q6LB.g9OszNv
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 19 Aug 2020 22:24:11 GMT
server: cloudflare
etag: W/"ef84f26c310485299d6b75777414eddb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlXlc5SlnGp9nAxxJOODuopXDYdBDHMew71Vq6WtX%2FJBV6Rniez7h85sxT3IQe38x0HiTgd9xrFkBOKDcfEeH4owi5u5c7VM5yhULYzt0%2BWhhIDfheIvHh2d3E37IU%2ByvJ1woYV%2FUy%2F%2B4zQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 893a900f1910690a-FRA
x-amz-cf-id: taibrJxhl0Pv-g2kLxYdkl-I0t1gMNjDW9iJ8n3fVTWw3x2RnykuiQ==
expires: Sat, 14 Jun 2025 13:10:49 GMT

GET
H2 200 project.js Show response
netenrich.com/hs/hsstatic/cos-i18n/static-1.53/bundles/ 1 KB
1 KB 108ms
107ms Script
application/javascript 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:49 GMT
content-encoding: gzip
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 1098182
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 09 Nov 2021 16:12:42 GMT
server: cloudflare
etag: W/"61ca66de658cab9587e4636894680d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q34UdwQAVzXoq28EQLWXMhILrfDP9rxRw9L4%2BmycuE5pkJeK9cMSPIId5BKfy1OsfoutaMFZCcmoamohqN72iG98tphDjv8YSYQp2GoDzwB%2BxhlBKjQJXQU358vSgADNHoLSlzS7pMB4NM8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 893a900f1913690a-FRA
x-amz-cf-id: vMxH2clCDRRjd7emHmifSLXhLc2TFOGFc0VsUqlcTSiVQmWY_1aUGQ==
expires: Sat, 14 Jun 2025 13:10:49 GMT

GET
H2 200 v2.js Show response
netenrich.com/_hcms/forms/ 482 KB
160 KB 116ms
115ms Script
application/javascript 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/_hcms/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
age: 207
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.5387/bundles/project-v2.js&cfRay=893a8b01351e6949-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"56164b8f5dbcf6e65e555e48d5d6176a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.5387/bundles/project-v2.js
date: Fri, 14 Jun 2024 13:10:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 fb41e17254dfd781519e95cedd257826.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-amz-version-id: mnlqbpb.vUvH_hPLxl7NeOxIrfIBia92
x-amz-cf-pop: IAD89-C3
x-hubspot-correlation-id: 107f05b6-ca08-480c-b01b-b0aa0773b384
x-cache: Hit from cloudfront
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 107f05b6-ca08-480c-b01b-b0aa0773b384
last-modified: Thu, 06 Jun 2024 13:36:59 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rspeyaeaNJ585urSl8%2FNCwLbarQw0TUMTDCNnMvcGilpWTnuBu2wvZhI9aUsIyWkz%2FxppgOpWzOOorpeyrFlNN5H1X5b32dTfpNyvxfDJB9eQjixw6viGLKuYoU9f8xHvbr15bnJzFoVHWs%3D"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-mgch5
cf-ray: 893a900f1914690a-FRA
x-amz-cf-id: jqbCLTD4qa_W8K8U3lF1VFW5ozuzExyBhc3WgDK7RtVYDS5sSA2AKg==

GET
H2 200 jquery-1.11.2.js Show response
netenrich.com/hs/hsstatic/jquery-libs/static-1.4/jquery/ 94 KB
33 KB 121ms
121ms Script
application/javascript 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:49 GMT
content-encoding: gzip
via: 1.1 6d96f6742a3e24fad8577272b38c550a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 411490
x-amz-cf-pop: FRA60-P6
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: null
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 08 Jan 2015 18:08:00 GMT
server: cloudflare
etag: W/"5790ead7ad3ba27397aedfa3d263b867"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ya%2BRSHTIJruf0ZZYm04gdsVw3FERabZZde04qXBBNErp5CNwoGwpMF9ht56Cc%2FTHOt%2FTAd4NRVR8iaUuWqSTqyafZHGojZfVCZRvL8uy9oy6NRtQDQuwicXZkeqgedT0fkB9AD9RxFyRDh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 893a900f1915690a-FRA
x-amz-cf-id: bUBe-qK9va05gSPSLkJK5K4Bql1QoUP79yw63i3sCW7G34fYp41zFQ==
expires: Sat, 14 Jun 2025 13:10:49 GMT

GET
H3 200 main-head.min.css
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840403873/1687914918034/CLEAN-6-1-Child-Netenrich/css/ 98 KB
22 KB 392ms
321ms Stylesheet
text/css 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840403873/1687914918034/CLEAN-6-1-Child-Netenrich/css/main-head.min.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb24743a033792831ff70d2da0f339190c21eb879d8194d7569a358354a091de

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 76034
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"062e49d13e171949cbdbcdcc6312bbcb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1687914919015
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 6d222ffc-db46-495f-861d-8db56d5caf37
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 200
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 6d222ffc-db46-495f-861d-8db56d5caf37
last-modified: Wed, 28 Jun 2023 01:15:20 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nQRqX9NjZyaXJgrgNT3lBe3fM%2Fj%2FjjAVXXuuthNghaq0cBATZ%2FJDyT%2F3cIfXZO3aLB55vwGUN95B%2BRrS7jM9hE9lSAzX4XM2xU%2FKsPSi7LgUh2MKGUXsmryZjG7%2B2HKHZXw%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-c8b596779-fckn5
cf-ray: 893a900f7b7fb5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 main-foot.min.css
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/ 113 KB
21 KB 339ms
268ms Stylesheet
text/css 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/main-foot.min.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f2b1d32241758db7748beef6f79403c974a780b30aef31fc2c5599bc5c9bae1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 76034
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"10bd1277eb87df74d9c0eeb9d77f204b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1687914925388
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 93b3045b-de5e-490a-938a-158f8626aa0c
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 168
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 93b3045b-de5e-490a-938a-158f8626aa0c
last-modified: Wed, 28 Jun 2023 01:15:26 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YEoQBlcKgh%2FeRup%2BgZS5JsHk22SPw0xPvpn1%2FE0lbQ5UTkNoOi1PdIsn5Jq%2FMPgcPIDlc7pPpfIL5ueip3ouCNu8JqAA27CJaFbHtNGZpc7wMkWVOO5phUuBJslrwV9%2FOk4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-4f62g
cf-ray: 893a900f7b76b5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 child.css
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/90056481369/1717498696929/CLEAN-6-1-Child-Netenrich/ 50 KB
14 KB 290ms
219ms Stylesheet
text/css 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/90056481369/1717498696929/CLEAN-6-1-Child-Netenrich/child.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec55540302b7f50421320084c85a660db43bae6f453f7d147c1d46ad4fe9b653

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 15990
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"42a96d76d99509959b49d70d09d70634"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1717498696929
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 28f765f0-2363-4ea9-b6c6-819dc529234c
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 129
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 28f765f0-2363-4ea9-b6c6-819dc529234c
last-modified: Tue, 04 Jun 2024 10:58:17 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SnmrBwEXff1XWKv8xoTyS5Fj1GgGw1yvqcqTZLVjt736sOBYG%2BhiF6LVvDLFmPb7y9bp8JBVeV%2FC5Q%2FMizLR9w40FpmSsUA%2Fylykj4XYFb9rJo0Q%2BvBkSSAAxMFQWSl7FnA%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-qd96f
cf-ray: 893a900f7b71b5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 global-header-v2.min.css
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832012173/1687914910733/CLEAN-6-1-Child-Netenrich/css/modules/ 19 KB
6 KB 339ms
269ms Stylesheet
text/css 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832012173/1687914910733/CLEAN-6-1-Child-Netenrich/css/modules/global-header-v2.min.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 151fbdbb420761759cb84fb37f0765faaa24dd3a10cdb7ff54f9029a8f92c1d0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 15990
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"348ab221490473ed3a2d4d45bc5543c8"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1687914911455
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: ac248124-d74f-4502-a550-720ba3036254
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 220
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: ac248124-d74f-4502-a550-720ba3036254
last-modified: Wed, 28 Jun 2023 01:15:12 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkN3tHMueAEuSeHNUi2CyC66xJfK2u1F2qkyEq9gXdvhfmx4iVXukKdnuqtmgV5%2BAPSnMJcGJMMBhZ3kpmGFYOLRjSi7LraNIHrHAoh0jVPzGc%2BTAWz5lryS44EtAghk5S0%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-f6gc6
cf-ray: 893a900f7b79b5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 global-footer.min.css
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832145677/1687914918914/CLEAN-6-1-Child-Netenrich/css/modules/ 4 KB
2 KB 337ms
266ms Stylesheet
text/css 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832145677/1687914918914/CLEAN-6-1-Child-Netenrich/css/modules/global-footer.min.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae59996935bc4d38092cdfcb128911966ba6dc228867f83eeb77a6bfaf3976f3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 15990
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"6888ac6feabc8e51df9159a15eb9711b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1687914919551
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 8f78c8f5-1493-4bff-8e6b-9fccc8f7b5c2
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 210
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 8f78c8f5-1493-4bff-8e6b-9fccc8f7b5c2
last-modified: Wed, 28 Jun 2023 01:15:20 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tz0SfaxNVnWcn%2BxBw5aRD0VyoL65SeICasKS3HUnEkc0i5Htr3zHreay67bEVIz%2FKu9TneuAPwUvLKBAq9fcIAl2nkpXr7ZGhCOp2HS23%2FU14VaZpDSq1XrSzDVsH4oqlLQ%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 893a900f7b6db5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 module_94707865239_Menu_Top_Blog_Categories.min.css
cdn2.hubspot.net/hub/128884/hub_generated/module_assets/94707865239/1688586631715/ 3 KB
2 KB 390ms
320ms Stylesheet
text/css 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/module_assets/94707865239/1688586631715/module_94707865239_Menu_Top_Blog_Categories.min.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ba54a7acc0e192734c0985cfd00c04f3447c19ddffc9619b67cac107456f57

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"6a8df27406af1125d355a64fa9a3d6e7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1688586631715
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hubspot-correlation-id: 7c26a25c-d63b-402a-b0dc-69af6b1b5622
x-hs-alternate-content-type: text/plain
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 191
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 7c26a25c-d63b-402a-b0dc-69af6b1b5622
last-modified: Wed, 05 Jul 2023 19:50:32 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6L26s%2BmmiM6mQYgCDBZX1hyHf%2FEZU7rEljDKaP6FYAoqAKsqGejxWFYfsEcA74KuoBIk0eNmSKfmY%2BqxdXYPzfDVyjDoXtAS6yikIwMDVLTTwYxcIIXpSgmduTG0DNdYS%2FQ%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-4f62g
cf-ray: 893a900f7b7db5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 row-multi-column-content.min.css
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832528536/1687914912452/CLEAN-6-1-Child-Netenrich/css/modules/ 833 B
1 KB 482ms
412ms Stylesheet
text/css 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832528536/1687914912452/CLEAN-6-1-Child-Netenrich/css/modules/row-multi-column-content.min.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc3eb3b3977d5a539871b653bd3e5d50f6a364a17cc3d5beed43fc5928fe1afb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 15989
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"02af04e886c6e6f3ade3b560da65c941"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1687914913027
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 69453f10-6cf8-4426-a174-57b4f04315a2
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 155
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 69453f10-6cf8-4426-a174-57b4f04315a2
last-modified: Wed, 28 Jun 2023 01:15:14 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9iFL6e4dMC5Sy8iRuqa9tNMvt9D8RTtsDbXa%2FJf9lGQGWj%2BDKrFvbrp20zlEj86VZxUF%2FrxZVWqYXdRz%2FZGB%2F9lN%2BZudxSEo307tYP0nEmtFP3Ur%2FKoK%2BX96fjbyeExQmbk%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 893a900f7b83b5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H2 200 project.css
netenrich.com/hs/hsstatic/BlogSocialSharingSupport/static-1.258/bundles/ 720 B
837 B 111ms
110ms Stylesheet
text/css 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/hs/hsstatic/BlogSocialSharingSupport/static-1.258/bundles/project.css

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:49 GMT
strict-transport-security: max-age=31536000
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
age: 7410202
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: 8ccI4weZqJTdCHtwNm3UqetXb_uUGb6Y
content-encoding: br
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 19 Mar 2024 20:21:22 GMT
server: cloudflare
etag: W/"a81c70764750950eb72d4537c41e781f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R5FP0pyyuBaQIog1ovKYGwWN4h48h97CAkWIbCEg6FysGVqKm%2Bqq9DWhoOIQsVZ1laMYw0v%2FmHK%2Bb6tJVCW81OfYVXasm%2B4FAsgQ%2Bb0L%2B0cqgxXqcqvd8hm7bga06aW9gh59tXxHD%2BWLR1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 893a900f1917690a-FRA
x-amz-cf-id: g7Xq0RBZkXYErLa84Vt7JzfPtPOIstnRQrqC3IhE4nOzaCNhgj_NTA==
expires: Sat, 14 Jun 2025 13:10:49 GMT

GET
H2 200 comments_listing_asset.css
netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/sass/ 1 KB
964 B 156ms
155ms Stylesheet
text/css 2606:4700::6812:1dd4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/sass/comments_listing_asset.css

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1dd4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed92c951c39983af4f5fac78a5bab4c390b3faf7c46e2a35256ee38f5443ffa2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:49 GMT
content-encoding: gzip
via: 1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 7473549
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: RefreshHit from cloudfront
x-amz-version-id: LQgaE1SSZjkxZtePb5jE9vLc6kDw7LTx
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 17 Dec 2021 15:26:10 GMT
server: cloudflare
etag: W/"6b1d31d121f4c84e5ee3b7d7446495d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d8JNVjFU6u2%2B3xMoHx1V0Nz3GHCaKMAMS5bOraORQEtxlPAo1g56JCHJuo3P2MtfHmZAHqHEuvPak77fdUF70o1ffazXIPxOCpnpVgA0ItDWZ4zyp7gLSv9SeQytU6ksc9mHc0f769t0hG0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 893a900f1919690a-FRA
x-amz-cf-id: Zu3gHbwRo2ZWbQ-lVbPI2yoEVlDCHpKfbUbS8ktmCaWxkXqGguGdgw==
expires: Sat, 14 Jun 2025 13:10:49 GMT

GET
H2 200 AudioPlayer-0db2b8a5.css
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/ 6 KB
3 KB 177ms
73ms Stylesheet
text/css 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/AudioPlayer-0db2b8a5.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db2b8a5378da25cdcada19dc2492b0b5e215f5eb9c7f1131db607be9aaf8bb1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-167655304208,FD-167655797834,P-39666904,FLS-ALL
age: 2404705
x-amz-request-id: BVDPC00GQ9WBMKK1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-167655304208,FD-167655797834,P-39666904,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
etag: W/"27cc411518a5273ca5cc243f88bbefed"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1715893200067
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
via: 1.1 0833e8be76641de099b8f4a92c7a1c4e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: BuQ.BG1A5fFfVA0Yclv9lPetDBlT7.iq
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-167655304208,FD-167655797834,P-39666904,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: hbOldrQ6c1HfEp9CXUvEviGI062JtnccqSto5ptVFMJCC73Ftzc7tZsbMvB5oI6j6uXqhu4QJKOiddQd088fZuWzaVZystcvmviVlPO4Ycw=
last-modified: Thu, 16 May 2024 21:00:01 GMT
server: cloudflare
cf-ray: 893a900fb8c74d3d-FRA
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
x-amz-cf-id: UFI_dl7b0Jl_eTRXplE_MydgqztHe7qHUPvfgXVBlghBZ946KEtIEw==

GET
H2 200 Tooltip-f20fb632.css
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/ 3 KB
1 KB 178ms
74ms Stylesheet
text/css 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/Tooltip-f20fb632.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20fb6328a121a22aab9616a52310c6bab4fd7d683a35e5cacd8afbc236492a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-167654885520,FD-167655797834,P-39666904,FLS-ALL
age: 2408531
x-amz-request-id: YR02PNGHY85DFK4W
x-amz-server-side-encryption: AES256
edge-cache-tag: F-167654885520,FD-167655797834,P-39666904,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
etag: W/"c61853a76bec17d9243236d5bc51a19c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1715893200159
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: A4HmJxzlV8jBQZRBaHHHNgJJX0ECdm1H
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-167654885520,FD-167655797834,P-39666904,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: cAR+0Hji2m1AEU8E+xICwwJc7llQjefwvbSGwnAxohwQ2+QVp2k+4F9S71zkrQGIsb8CqeERhV4=
last-modified: Thu, 16 May 2024 21:00:01 GMT
server: cloudflare
cf-ray: 893a900fb8cb4d3d-FRA
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
x-amz-cf-id: ZeDQyr9xgvP2c_RbPd_QUxEI3eAYHrwVK_9htC5IZDAofzpCsooYdA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 352 KB
109 KB 171ms
79ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0ZKNG63YVT

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eac58b72aed3883faa3cd723257a86a8c1314c7bcea9d58dbf5b09f9a1bb18dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 111205
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 14 Jun 2024 13:10:50 GMT

GET
H2

200

index.umd.js Show response
unpkg.com/default-passive-events@2.0.0/dist/
Redirect Chain

https://unpkg.com/default-passive-events
https://unpkg.com/default-passive-events@2.0.0
https://unpkg.com/default-passive-events@2.0.0/dist/index.umd.js

947 B
743 B

62ms
61ms

Script
application/javascript

2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/default-passive-events@2.0.0/dist/index.umd.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bcc81da88bb60d7f0b8df32d4bc7953268fb4d44e9a9d8aca98c020c579c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 14 Jun 2024 13:10:49 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 245686
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J043M9QV7ZXHQTHF9GBQGBTT-fra
server: cloudflare
etag: "3b3-54EGb0sww7FhRg0xHqrYtqdqln4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 893a90106d8718c7-FRA

Redirect headers

date: Fri, 14 Jun 2024 13:10:49 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01HSQAJTWDDGJYP5PQF7AVT4P9-fra
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 7117069
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /default-passive-events@2.0.0/dist/index.umd.js
cache-control: public, max-age=31536000
cf-ray: 893a900ffcde18c7-FRA

GET
H2 200 in.js Show response
platform.linkedin.com/ 510 KB
160 KB 440ms
48ms Script
text/javascript 2606:2800:233:66b5:799a:7cd3:f74d:7071
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://platform.linkedin.com/in.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE6) /

Resource Hash

f16a9696b3176614d3fe439def6fd9754fd489877999517b99b3b2f265cb7990

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-cdn-client-ip-version: IPV6
x-cdn: ECST
age: 1417
x-cache: HIT
x-cdn-proto: HTTP2
content-length: 163630
x-li-uuid: AAYa2QOrrYLXu+/Mma64Eg==
last-modified: Fri, 14 Jun 2024 12:47:12 GMT
server: ECAcc (frc/4CE6)
x-li-pop: prod-lva1-x
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
x-li-fabric: prod-lva1
cache-control: public, max-age=3600
x-li-proto: http/1.1
accept-ranges: bytes
expires: Fri, 14 Jun 2024 13:47:12 GMT

GET
H3 200 Netenrich-Logo-2%20Colors%20Positive.svg
netenrich.com/hubfs/logos/brand-logo/tiny-svg/ 2 KB
2 KB 134ms
133ms Image
image/svg+xml 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netenrich.com/hubfs/logos/brand-logo/tiny-svg/Netenrich-Logo-2%20Colors%20Positive.svg

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482246d76f3af4849f6dc64b57bf5822df1d4ce0920823caa7b45f8a1a48bf99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-107369326595,FD-107369597565,P-128884,FLS-ALL
age: 15990
x-amz-request-id: SG5SK3R96AWC4CN9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-107369326595,FD-107369597565,P-128884,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"113352d465de12725b3a703ec92bb9b5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679414240108
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 90ecdc7529deb4cf6ecb56c4626e0ac8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KcUsPChXEFgn1V2GSTOPm.nr_EspTxNy
x-amz-cf-pop: WAW51-P1
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-107369326595,FD-107369597565,P-128884,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: G7Frh2F/mJFHbBjIYRcqg5qI8gcSm+ds1mBdy0ffgepXbie6/uvUO6MPcP0jHOZT5GGZTjL8+p0=
last-modified: Tue, 21 Mar 2023 15:57:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdyXmgCM%2Fap7CDABMD7%2FvR47Up6rhob2F%2Fw5a7nAlKv2f4rxV3L8pJKF5Q3amHTA25w%2BuKiH%2FJuOXt2rM5C2INclTgOzK4lojr5K8mxOKAVnfkQCpkfmirGx%2Bk9asKQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 893a90128ca4bf51-WAW
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: q3C0uMBEopcSX94_PRKyvdpW1WvJ5wZ2gH72jseo0zr7bCDibTEQ4g==

GET
H2 200 react-combined.mjs Show response
static.hsappstatic.net/cms-js-static/ex/js/react/v18/ 139 KB
45 KB 566ms
465ms Script
application/javascript 2606:4700::6811:af5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/cms-js-static/ex/js/react/v18/react-combined.mjs

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:af5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc6feb89fccf3b00229b9c72188394a08b6a773cfebc4b5f17abbd51f858c799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:49 GMT
x-amz-version-id: SLn5wMnMgfABRD31bKmVYL3lMOLJ5XMk
content-encoding: gzip
cf-cache-status: MISS
via: 1.1 debf5a1694fcb96cc13d895660321eda.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 04 Jun 2024 17:57:17 GMT
server: cloudflare
etag: W/"3ec026802b6a8f022fda20aa030ac4a8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7sbBgUI6xdy2Pv04AtDQDbFNFYCFX8p3Kkf5S65H%2FTR6hJgOBOs6q1JPWtpiQS2%2BT7BMDYn8AezhaGjJ3iJTWBHMrwa9fPJJ%2FvKcnnlSB78aTAAnaqeq2ifGrmJK%2FMxUBWAQ36%2BJAmab1%2B1wKXjWa3sPUUg%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=60
cf-ray: 893a900fb8d065d1-FRA
x-amz-cf-id: p62cS8ZN2ZQL-4f7kMUjXiU72oCkz_AwTdPFJYtRQMrFhdSJvuEjww==
expires: Fri, 14 Jun 2024 13:11:49 GMT

GET
H2 200 embed.js Show response
static.hsappstatic.net/content-cwv-embed/static-1.971/ 13 KB
5 KB 140ms
57ms Script
application/javascript 2606:4700::6811:af5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/content-cwv-embed/static-1.971/embed.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:af5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
x-amz-version-id: 1gm1MaaLzWiIBc2FerIVtLdckhSMSaY7
content-encoding: gzip
cf-cache-status: HIT
via: 1.1 18fab39b23fb6b3013058d6df5faf0bc.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
age: 615664
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 05 Jun 2024 15:05:39 GMT
server: cloudflare
etag: W/"26c40482b55a607cd44486a2958741d4"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MA%2B1PBeqsDAPzPGMKeZKwn5jr%2BFhgVAVPqRqVKnD4eJhsyyrRLLhdgzQ1dxdXgwg5YkTPaafGOSf%2BGaMb4KJxmIRF9aAPXaO82xwma94zunGI1Oh2HXbPNhaWT1TB8dau07DwqHW9eraJh1uZh2iEYSvlhM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 893a90130b2191f5-FRA
x-amz-cf-id: lEGvwrTGJqZ2O6fxk0_3bnjSm4fK8__hUDVF23Uszs_fPcZWhCrfhQ==
expires: Sat, 14 Jun 2025 13:10:50 GMT

GET
H3 200 clean-theme.min.js Show response
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832529306/1686068712261/CLEAN-6-1-Child-Netenrich/js/ 176 KB
52 KB 98ms
98ms Script
application/javascript 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89832529306/1686068712261/CLEAN-6-1-Child-Netenrich/js/clean-theme.min.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4adb7831865a2a887ca2cac64fcbb9715c01e7f3bae951cf9f6df7df7e312559

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 76034
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"cef587f9fcabc87d9ff546c4f933a60c"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1686068713362
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: b7aa2ca8-4a77-4903-a78d-042502b5ada1
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 172
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b7aa2ca8-4a77-4903-a78d-042502b5ada1
last-modified: Tue, 06 Jun 2023 16:25:14 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ei6adG%2FIrwPY%2BVpDHB%2FeiFADgVHTSj6X%2FZLO9OodAIJmYhIIoumXGVXofalFFAhFW9g1cHSVelOnaW5Dz6xrDBcFUQWTvQl1HH6VlmOX54TLDFwjjbEZNyuFwcbqjU0cSm4%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-qd96f
cf-ray: 893a90112ebcb5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 jquery-modal-min.min.js Show response
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840555887/1687914914047/CLEAN-6-1-Child-Netenrich/js/ 5 KB
3 KB 104ms
104ms Script
application/javascript 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840555887/1687914914047/CLEAN-6-1-Child-Netenrich/js/jquery-modal-min.min.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed29c38a135cd8575eaa762bc9eaf674c2a546d06bcddcc98df69fd55d533803

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 15991
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"7cbf02f1a5ef1a644b364f1f41322f51"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1687914914293
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: e5f5a71e-ed15-4773-a19c-d90ec83621b0
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 307
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: e5f5a71e-ed15-4773-a19c-d90ec83621b0
last-modified: Wed, 28 Jun 2023 01:15:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0F4sNw1f5Dogg%2BL6fjWUiaBhguAAF3Fua%2BfMMXeRtNiGywavvjZ936pBIcfQEZ7CxPtaRScJId9JqCHxQfPrqqGkGvQLsDTeDJNPhuzGu8Es%2FpAVCOzs8ald%2BXtdt10cmgE%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 893a90128914b5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 child.min.js Show response
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/90058492740/1699332974728/CLEAN-6-1-Child-Netenrich/ 433 B
1 KB 102ms
101ms Script
application/javascript 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/90058492740/1699332974728/CLEAN-6-1-Child-Netenrich/child.min.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6e34e980fcc571b82024e51757363f2fd830751342f4ad52c9673013be82f44

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 15990
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"fdebdedc959bfa8583e6b3f4b0109826"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1699332974861
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: c1d9d876-830e-4477-81ba-5042cacd8ce8
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 172
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: c1d9d876-830e-4477-81ba-5042cacd8ce8
last-modified: Tue, 07 Nov 2023 04:56:15 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Zn8mRLqyyn%2BEnPCuVTOJ2VM4D8kwFuSBZNAodEiXUhEP%2B0utLTG57pFSWCr2oTrEs%2FQzP6FvPboR%2BUDyDagAlcBDZCvnDAaalm%2BUdKpQXSPTQqRljiC%2FmwCk1aLeD9m5LY%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-6f9f79465b-jtb4w
cf-ray: 893a90112ebfb5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 mega-menu.min.js Show response
cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840853842/1687914910210/CLEAN-6-1-Child-Netenrich/js/ 672 B
1 KB 93ms
93ms Script
application/javascript 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840853842/1687914910210/CLEAN-6-1-Child-Netenrich/js/mega-menu.min.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6aa2b4b8e9bffc2525a3df9a517ae89876e34fefde827e5587edd591f16c268

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 76034
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"d936444d4762e1f4b92dc50163090aed"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1687914910344
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: b8b92734-092a-4e6f-bf69-9b40a82affc1
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 194
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: b8b92734-092a-4e6f-bf69-9b40a82affc1
last-modified: Wed, 28 Jun 2023 01:15:11 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfO3vl2WVLjXQNLEVaBTLH7fmHn4JErzZOOXQwzXfIjSNZW7ZkyyQF0Fkrd1k80t%2BvA5eoE42wICbveoKcIDLqBvyaTltqPJ6wRd86L7biheD0toCfEOmjXjGRvGuHdV%2B6w%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 893a90121862b5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 module_109981603486_Global_Footer.min.js Show response
cdn2.hubspot.net/hub/128884/hub_generated/module_assets/109981603486/1692179791572/ 289 B
1 KB 78ms
78ms Script
application/javascript 104.18.88.62
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.hubspot.net/hub/128884/hub_generated/module_assets/109981603486/1692179791572/module_109981603486_Global_Footer.min.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.88.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e0b01bc51c5b7d77b118d1fc2252d792616ec08f8b3acc0574b21c2bfaf4d63

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
age: 76034
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-evy-trace-listener: listener_https
etag: W/"9a6abf5bc72ecfd950d6edd226b8b428"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1692179791572
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-evy-trace-virtual-host: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: IAD89-C1
x-hs-alternate-content-type: text/plain
x-hubspot-correlation-id: 813a02df-5d3b-47b0-a3b8-c1619a61cf4b
x-amz-storage-class: INTELLIGENT_TIERING
x-envoy-upstream-service-time: 198
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-request-id: 813a02df-5d3b-47b0-a3b8-c1619a61cf4b
last-modified: Wed, 16 Aug 2023 09:56:32 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pLY6QM304xSQ1VWoxWxraZ6AsGWGXWDsy3pI0Q0dNlW3lQ7aVCuG5RKlnKEJvrftmx%2BEYoqe9QcS6d8fjVBcNj0e3VD1DWcaNw2sXt191zlOnm6YO0O4e6UBn%2FQBV3RfGgE%3D"}],"group":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod: iad02/cms-cdn2-td/envoy-proxy-64d59778d6-jrv7z
cf-ray: 893a90121865b5f1-WAW
timing-allow-origin: cdn2.hubspot.net

GET
H3 200 128884.js Show response
netenrich.com/hs/scriptloader/ 2 KB
2 KB 238ms
238ms Script
application/javascript 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/hs/scriptloader/128884.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

557b46264c328526d35d55e8c2c02840b73a5deab11d88f6b34710919dea3725

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: b5afdf62-be41-4e6f-bd53-6d35c83a5c9d
content-security-policy: upgrade-insecure-requests
x-envoy-upstream-service-time: 15
alt-svc: h3=":443"; ma=86400
content-length: 682
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b5afdf62-be41-4e6f-bd53-6d35c83a5c9d
last-modified: Fri, 14 Jun 2024 11:27:16 GMT
server: cloudflare
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://netenrich.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-l9tqr
cache-control: public, max-age=90
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9bHeVHiygLCFZPymCxCUin%2FOhnf8VdLQ3qMvGx6OqlRU1MCNVGbxCGPkEOe0SBmqf2I9hYl53CGP2I%2FHwA%2FsQnBEpdQ4g361%2BuMBPq8CtNAukYapWLI37K%2Byu%2FOzmuQ%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 893a90128ca7bf51-WAW
expires: Fri, 14 Jun 2024 13:12:20 GMT

GET
H3 200 index.js Show response
netenrich.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/ 12 KB
5 KB 112ms
111ms Script
application/javascript 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
via: 1.1 44a23a2f4d4e9659f5b008d1f39e1318.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
age: 7419430
x-amz-cf-pop: WAW51-P3
x-amz-server-side-encryption: AES256
content-security-policy: upgrade-insecure-requests
x-cache: Hit from cloudfront
x-amz-version-id: 1rlxLpliQ7bEVIEMqiesE48_Sx9RmqkP
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Mar 2024 15:59:57 GMT
server: cloudflare
etag: W/"5885ac5129ee80f8b7e1e228e142587d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiWRR3vDjXmBCoDidCE2kmS3lZ6jMHIBhxY%2FZcgzmMtW5OC1D8Hqune8WgaqbTTrHgMexbc2%2FzrqT0tSF8Gn9tq9BtXFH3GYB8FOiGeUKpCbUPH99Kg319pqWxTm8lc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 893a90128ca8bf51-WAW
x-amz-cf-id: 5LTyQyxZIRPK3NZXGJfmCy10Vf8EZlRquB0oSXT-gV1kjarqaNrJ5Q==
expires: Sat, 14 Jun 2025 13:10:50 GMT

GET
H3 200 Netenrich-Logo-2%20Colors%20Positive.svg
netenrich.com/hubfs/logos/brand-logo/tiny-svg/ 2 KB
0 132ms
132ms Image
image/svg+xml 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netenrich.com/hubfs/logos/brand-logo/tiny-svg/Netenrich-Logo-2%20Colors%20Positive.svg

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482246d76f3af4849f6dc64b57bf5822df1d4ce0920823caa7b45f8a1a48bf99

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-107369326595,FD-107369597565,P-128884,FLS-ALL
age: 15990
x-amz-request-id: SG5SK3R96AWC4CN9
x-amz-server-side-encryption: AES256
edge-cache-tag: F-107369326595,FD-107369597565,P-128884,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: W/"113352d465de12725b3a703ec92bb9b5"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1679414240108
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
via: 1.1 90ecdc7529deb4cf6ecb56c4626e0ac8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: KcUsPChXEFgn1V2GSTOPm.nr_EspTxNy
x-amz-cf-pop: WAW51-P1
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-107369326595,FD-107369597565,P-128884,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: G7Frh2F/mJFHbBjIYRcqg5qI8gcSm+ds1mBdy0ffgepXbie6/uvUO6MPcP0jHOZT5GGZTjL8+p0=
last-modified: Tue, 21 Mar 2023 15:57:21 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HdyXmgCM%2Fap7CDABMD7%2FvR47Up6rhob2F%2Fw5a7nAlKv2f4rxV3L8pJKF5Q3amHTA25w%2BuKiH%2FJuOXt2rM5C2INclTgOzK4lojr5K8mxOKAVnfkQCpkfmirGx%2Bk9asKQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 893a90128ca4bf51-WAW
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: q3C0uMBEopcSX94_PRKyvdpW1WvJ5wZ2gH72jseo0zr7bCDibTEQ4g==

GET
H3 200 regular.woff2
netenrich.com/_hcms/googlefonts/Inter/ 95 KB
96 KB 967ms
964ms Font
font/woff2 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/_hcms/googlefonts/Inter/regular.woff2

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e79ab82e5909071c56baad1b43348ca00a1a53970967f812638c10a449e73bcd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 28 Jun 2024 13:10:50 GMT
date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 a06cb72e779e366fcd004926eacd5b84.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: ZRH50-C1
x-amz-request-id: A5V0P6VS4G4VN3S7
x-amz-server-side-encryption: AES256
x-amz-version-id: a6tm8WkyKaxah_2MSeNX09oFCmnJeRFh
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 97324
x-amz-id-2: CwU138FAzRJWo5kyOg1o/PEeuW3TxMIAxRErD1Jp/OL6iPo2j8phdl5yOfyiBlys4/6bV63Ev+E=
last-modified: Wed, 29 Nov 2023 20:01:28 GMT
server: cloudflare
etag: "707b265a9518d559e199cc66c84ae791"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kYBFnop0EgoAK%2F4823wi3aL%2FCmJcXrQYdj0znZZTHKCxNo6RhIheR5RJ1%2Bmu61e4s0fAoyJHXGxmkboo0Fg1IlCtA44xRdQUyZtKuYFC3exJxzoudZpMH%2B0Kc902%2BH4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 893a9012ed0ebf51-WAW
x-amz-cf-id: AYpmcqsWgSa-XWjmU3ODe1xJk8scMlMza_z4kS-5aAw3gxS2hg-eZQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 regular.woff2
netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/ 22 KB
23 KB 228ms
225ms Font
font/woff2 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/regular.woff2

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5e0a37084a3294633982723e79ddd3af0afa27825d7e3e0b28dd7714594d621

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 28 Jun 2024 13:10:50 GMT
date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 297a2b3ab6b9933e5d097fc4266514ae.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: WAW51-P1
x-amz-request-id: RSRMSADM51BGFH7K
x-amz-server-side-encryption: AES256
x-amz-version-id: zmEhT7lISB2J7NbQ5ndndy5omdOhMBXL
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 22136
x-amz-id-2: gWDS98qFS4PzP8bRg8Hk38Zzc1yrureJEORwUYXFLUGWUKGhmTQxxV8qrIMtyi9L7b6TNxeNfEY=
last-modified: Tue, 12 Sep 2023 22:25:53 GMT
server: cloudflare
etag: "c9486e9610491222e905dcd5bb108d85"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MuVc0VwinDQavtaCKJ94ExblIouWpaLTOfFSivOU85yy3g1J27q%2B%2BMdOinMXIMogzHlKKfmL1km%2BWdu%2BQ6sdnojYwZ4cdBT4ik0mbZrnXmXo0OwYSMvmT23eeYrTRCg%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 893a9012ed10bf51-WAW
x-amz-cf-id: UGM6lqmk3h-ayEXTYchSwaOmObhvIud58fSeBr6RsWfLxEQpvdFCPw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 fa-solid-900.woff2
128884.fs1.hubspotusercontent-na1.net/hubfs/128884/raw_assets/public/@marketplace/Helpful_Hero/CLEAN-6-1-theme/webfonts/ 78 KB
78 KB 242ms
144ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://128884.fs1.hubspotusercontent-na1.net/hubfs/128884/raw_assets/public/@marketplace/Helpful_Hero/CLEAN-6-1-theme/webfonts/fa-solid-900.woff2
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/main-foot.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn2.hubspot.net/
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-89840124208,FD-89830975632,P-128884,FLS-ALL
age: 218430
x-amz-request-id: 4BC2B1Z3V63T0FPW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-89840124208,FD-89830975632,P-128884,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "b15db15f746f29ffa02638cb455b8ec0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1666982785827
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
via: 1.1 a5607d37f6322bee208b762f730550a0.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: SdqgGKRhZNWotq8SORxfIo9CiXTmWQMQ
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-89840124208,FD-89830975632,P-128884,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 79444
x-amz-id-2: LMwn7RD36RI4+RB/HxZXJ3IBQsy4P0sMtk073GEL6vPsRlr+DRww8Y5xjU043CBg7Rn/WMwWNI4=
last-modified: Fri, 28 Oct 2022 18:46:26 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 893a90137c6b30c9-FRA
timing-allow-origin: 128884.fs1.hubspotusercontent-na1.net
x-amz-cf-id: oBNJZ6kIodcIQFXqbtKFnIasN7lk9M55V_vQL-oi4TQfcOprAPkYlw==

GET
H3 200 500.woff2
netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/ 22 KB
24 KB 1154ms
1151ms Font
font/woff2 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/500.woff2

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bdadbde2f846fcb4aa12c285bbc113f7f1470f0b5d72dd52671cce3e10ef0a2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 28 Jun 2024 13:10:50 GMT
date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 28de398d6bd20bc440c06f568b49c876.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: WAW51-P1
x-amz-request-id: 5VVM67D42KAJJJ22
x-amz-server-side-encryption: AES256
x-amz-version-id: WRFtoH0Z888q6PFFiaw4FNCgDVdilrQ6
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 22988
x-amz-id-2: TmwFqxbX2y1+c1Mfk6Vk77Uu5+a/+l7YAhRiMJUzg/ZeAX8yqTBmD+wJ+uf/aUahejy43m+kjb4=
last-modified: Tue, 12 Sep 2023 22:25:42 GMT
server: cloudflare
etag: "a620c77219c25677b07fea63b2cb98a0"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LhI3KKcFbTTi3WFCKRhdLEmtxHTyRz2bUTILgsNqOG1aLtP%2B1UAY9PNNkWOKjR2V7ZWEj6ckN3kj%2BcxWyYtPzskqPZinYOVq9BKBUp31g%2FHws43ih8y%2FnJASF4Nh6fw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 893a9012ed13bf51-WAW
x-amz-cf-id: XYeyxOvmYaBjC_IAcd4PAgvTwNLRcPPU-8TZjgZKZfkfTicoxinC5A==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 800.woff2
netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/ 22 KB
23 KB 320ms
318ms Font
font/woff2 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/_hcms/googlefonts/Plus_Jakarta_Sans/800.woff2

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3a045a55ce5bdb56ea57e37b6e25decab1313db2cc462e9c13c29797f2f2dfd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 28 Jun 2024 13:10:50 GMT
date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 9a5a7a128fa33b5594ad1cc4824deb8c.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: WAW51-P1
x-amz-request-id: D954XAV4A1DXGAZQ
x-amz-server-side-encryption: AES256
x-amz-version-id: ygC5bYh0Clc9I2SLFCOOSHGa7RfxexdQ
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 22348
x-amz-id-2: zEjiedQhbhdClvZBgOp/DHNwqtzF5QnFmZjXSNfnA6sPGQnwcm42BeDQ2iQNSaYZRQOOVu1P0v4=
last-modified: Tue, 12 Sep 2023 22:25:43 GMT
server: cloudflare
etag: "d01abaaef9aacc1eb8aa64a9af1504ba"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dCvec1s%2FLB7tOabsQj85jo7%2F%2FBqOnue5n%2FOWwDoXdiYVOfVmRSxrZPS8v1PElXsZIQDELnDCYrQCg3MvNW1%2F%2FC0be4w2FKNTyzDFPtv155jY9QEw2j1gyPoMx0db9gU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 893a9012ed15bf51-WAW
x-amz-cf-id: i1RsGvJU8kM3XWKB0yf7E2X1Ya591_C4p4cTQfe0XLCzjJjzqTmOMg==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 700.woff2
netenrich.com/_hcms/googlefonts/Inter/ 104 KB
105 KB 187ms
184ms Font
font/woff2 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/_hcms/googlefonts/Inter/700.woff2

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e11c5e343207d11c5d88db4a5e6ed9d1bec922ff9a3b40b8631fdef84b6a969

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 28 Jun 2024 13:10:50 GMT
date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 aba4c94d7226be4a72f6be3307b6227a.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: WAW51-P1
x-amz-request-id: R4DGMCQHVD5QG7P8
x-amz-server-side-encryption: AES256
x-amz-version-id: c5yuJTJWIqnopBvZzip_eovp09FlepSs
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 106168
x-amz-id-2: S/PpYUZvaUGb2LPQKbMsiHv+38R18KhCER01nGEUfDCQDmOOA3V8DRKzqUTSn1J+znPohfbnY+GqKwrfCiynCw==
last-modified: Wed, 29 Nov 2023 20:01:27 GMT
server: cloudflare
etag: "eff90385be9d3cfd841608f3446045a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3wMHgz0IVl2jJICdrmqVrz4RJeVRyVIvPvaAN079azc%2Fk6e2gHEpl8rXzgU5BGX2IViO2y92uAXshO8ua%2FzqxhaFE9gv8Zq4hYjHFo26FF7O7HthE9S%2Fl5J7h2qIVCQ%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 893a9012ed18bf51-WAW
x-amz-cf-id: NnNZnzBrSoW2i-6itLqMi2x835A6bQi1DkRsFJKlDgufp2O_LjHzpw==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H3 200 800.woff2
netenrich.com/_hcms/googlefonts/Inter/ 104 KB
105 KB 1200ms
1198ms Font
font/woff2 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/_hcms/googlefonts/Inter/800.woff2

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

151a1622b0d73e0fe3a2f7ccf20f20a4b2b6b5b6878ebec7de8b06b77d89aa12

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 28 Jun 2024 13:10:50 GMT
date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 7831077905969c90ee4e09ffe271ccc8.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-amz-cf-pop: WAW51-P1
x-amz-request-id: 12BXMJWZJ06YH1P3
x-amz-server-side-encryption: AES256
x-amz-version-id: d_bMe..cwGROPfrN.aLAu55VlcU12z1P
x-cache: RefreshHit from cloudfront
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
alt-svc: h3=":443"; ma=86400
content-length: 106212
x-amz-id-2: BxVdYAhu35v7ktGrEPM/YpJ8yKw2d+wnBNYVMALQCImWIX5SF3Hgm1hU70ekpu20q5hfhN0NAQU=
last-modified: Wed, 29 Nov 2023 20:01:35 GMT
server: cloudflare
etag: "41de8ba5533482750f81fb5c7e764081"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oardO%2FgubjKnDEsWrKt0J7PYzyzxeB%2BrrECaz6V6itf0zmuOqdBq82t%2FLeMOhUhAi5%2F93AOl2iq79ETOaOP6JDAmisz3f4KyJk12fxJepJMMMdTyqiJjVBLcNro0%2B%2B8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=1209600
accept-ranges: bytes
cf-ray: 893a9012ed1abf51-WAW
x-amz-cf-id: _njV-9it07qgyeokSGsTDUoUoHGlczX5JXR-8RteYXblfouuHmIYCQ==
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3

GET
H2 200 fa-brands-400.woff2
128884.fs1.hubspotusercontent-na1.net/hubfs/128884/raw_assets/public/@marketplace/Helpful_Hero/CLEAN-6-1-theme/webfonts/ 75 KB
76 KB 200ms
104ms Font
application/font-woff2 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://128884.fs1.hubspotusercontent-na1.net/hubfs/128884/raw_assets/public/@marketplace/Helpful_Hero/CLEAN-6-1-theme/webfonts/fa-brands-400.woff2
Requested by: Host: cdn2.hubspot.net
URL: https://cdn2.hubspot.net/hub/128884/hub_generated/template_assets/89840581256/1687914924342/CLEAN-6-1-Child-Netenrich/css/main-foot.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdn2.hubspot.net/
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-cache-tag: F-89840158827,FD-89830975632,P-128884,FLS-ALL
age: 232313
x-amz-request-id: 4QTA8KEVRGGBCEE8
x-amz-server-side-encryption: AES256
edge-cache-tag: F-89840158827,FD-89830975632,P-128884,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
etag: "ed311c7a0ade9a75bb3ebf5a7670f31d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1666982785902
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
via: 1.1 f2a51982e289d888963f4f93b48c5f22.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: DTfaAEKEuAdI2q_mFWNHJiw_SqcmrK5N
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-89840158827,FD-89830975632,P-128884,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
content-length: 76736
x-amz-id-2: q+2L1IihBzLMBWYwVroIBx2L/NUzyZJBqm1JafkNZ3AlsxbONDrg27zy0I1qPiZDmsHWleI3HV0=
last-modified: Fri, 28 Oct 2022 18:46:26 GMT
server: cloudflare
accept-ranges: bytes
cf-ray: 893a90137c6930c9-FRA
timing-allow-origin: 128884.fs1.hubspotusercontent-na1.net
x-amz-cf-id: j3ZZoAcreN1Si6sOVd-LNX9zlaXYZWFYM4UP8XMcMpyCYrxyNBoZ2w==

GET
H3 200 featured-video-plarform-nav-dropdown.png
netenrich.com/hs-fs/hubfs/images/ 4 KB
5 KB 132ms
132ms Image
image/webp 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netenrich.com/hs-fs/hubfs/images/featured-video-plarform-nav-dropdown.png?width=400&height=176&name=featured-video-plarform-nav-dropdown.png

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0f37c0ed06bdcb1bad0b97f95ec804a1a0d41ec51ff36e887423e953f68e956

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 ca4bc82573be586920ccabe8e2946522.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-165504546200,FD-16963137,P-128884,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 3676
cf-resized: internal=ok/m q=0 n=788+0 c=5+19 v=2024.6.0 l=3676
last-modified: Thu, 25 Apr 2024 12:03:18 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cflrKtOjr0AXpjgz8zR_fNziAwXBlIgwK1PqDV9LSdDQ:bed533fac620fd5a80d982e02ef34ec7"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RT6Tu5luzUCY6fnn88TGkOJB2C9rnOgl%2BAEM5IEQwdLEe4BA3CKIZpsGeaNHXsU0WHDoO0ITEWWsj3drEWAheCIPfLl3sdJABXZBqKP25QuoA%2FP%2Fwiw5C%2Bf9Upn2Xi8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 893a9012dd00bf51-WAW
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 netenrich-gartner-emerging-tech-security-report.webp
netenrich.com/hs-fs/hubfs/blog/ 7 KB
8 KB 184ms
182ms Image
image/webp 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netenrich.com/hs-fs/hubfs/blog/netenrich-gartner-emerging-tech-security-report.webp?width=300&height=157&name=netenrich-gartner-emerging-tech-security-report.webp

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c71736af0ebc45a33daae647e8b3dd787e2ad795e1387f8aa779ca20790886a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 b01cad2ed1269880253c38e06a99f4de.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-145604126835,FD-79326562910,P-128884,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 7028
cf-resized: internal=ok/h q=0 n=12+0 c=1+0 v=2024.6.0 l=7028
last-modified: Wed, 15 Nov 2023 11:13:15 GMT
cf-bgj: imgq:0,h2pri
server: cloudflare
etag: "cf9esPQ66hQFz1rk6KSaZkyFgHRmTpwU00oc4mJw8kDQ:c76f994df52b21cf057e733ee0d3135c"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bZle0BPz92BwgsxtLkCLqX5q0nX7i%2F%2FhIGs6RMYnbJUDiM%2BpWHTjhoR8H1CzUjY%2FljNLr938h5N4cxlmTkkvw0aoV%2FOIHRRFVxgpmKu9jd%2Bl5p7XPnL4%2FbGcyPtJJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 893a9012dd02bf51-WAW
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 rakesh-krishnan.png
netenrich.com/hs-fs/hubfs/headshots/ 504 B
2 KB 142ms
138ms Image
image/webp 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netenrich.com/hs-fs/hubfs/headshots/rakesh-krishnan.png?width=30&name=rakesh-krishnan.png

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04bcf4dcb045d57f040ae091c4359ad66819cca73b3a6307b0e13ff63f91afd9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
via: 1.1 92835d2f5794bba6bff3a83645bbf4c4.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-127039472562,FD-80372026186,P-128884,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 504
cf-resized: internal=ok/m q=0 n=824+0 c=3+2 v=2024.6.0 l=504
last-modified: Wed, 26 Jul 2023 06:20:10 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cflvDyq06mBrnr_szBG8E_UB6j3cWOidFCnm1bBs3aDQ:ed71f1a50b6fb35a53d9f09a53af278f"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mXMuiuBSmgBCDIIrzD69ia6uDhyAjdosU3leOKC1LiN3%2B5QtTjVoA3aXh1cJXZ7ZficHGWi3h8SkIS1GHs4qvean3t7w2EJDPYW0kRQSEvAJUkL7DVtSXilMEM06jSI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 893a9012ed08bf51-WAW
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 sample-test.png
netenrich.com/hs-fs/hubfs/blog/ 19 KB
20 KB 1175ms
1172ms Image
image/webp 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netenrich.com/hs-fs/hubfs/blog/sample-test.png?width=650&height=317&name=sample-test.png

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88a328c6eec221c93b11902a17da311aef52be7252081b668d9f3ae716da7394

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 174262b85c119d8208d4718b655e0b6c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-131534746427,FD-79326562910,P-128884,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 19478
cf-resized: internal=ok/h q=0 n=897+0 c=3+53 v=2024.6.0 l=19478
last-modified: Fri, 25 Aug 2023 09:25:06 GMT
cf-bgj: imgq:86,h2pri
server: cloudflare
etag: "cfIg6HsKteqHOyU_fYjC0esIDNj086g3MbZSZ0DwegDQ:0f63acbec4bb029714ff7302907f8c48"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3IbBARp%2FzOxRfns6MCQAumL5hEjZrO4VvPaJ3qQlHmM6i0eCjHcithP1fpJz91l%2BRUAhztcHvNsN%2FJurtHN7cUjy1%2BzfDIjCWz9z6ebQfCju0e5oINd2TeyCxJJ9Ag%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 893a9012ed09bf51-WAW
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 ransom-note.png
netenrich.com/hs-fs/hubfs/blog/ 48 KB
49 KB 1106ms
1103ms Image
image/webp 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netenrich.com/hs-fs/hubfs/blog/ransom-note.png?width=500&height=349&name=ransom-note.png

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a60abe460a50d7523471f42c084f8b40c42d03d6042dff6d164430fe2b0cb625

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 b01cad2ed1269880253c38e06a99f4de.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-131496851562,FD-79326562910,P-128884,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 49160
cf-resized: internal=ok/m q=0 n=815+0 c=1+57 v=2024.6.0 l=49160
last-modified: Thu, 24 Aug 2023 12:50:13 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfoKOX5XHbXYMV77950gWz8_2BZIVwRjWZLoOB617CDQ:323f552aae1fd5a9534eed8d478db292"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6mFXO99y7IUxD24O2Iyr17cdQrhpsMZ0zAaoTr1fhb5cIgSGb2eynQMdVQ6rHXeZrraOHXctoUTL0lLxrY8RPZoY7ZahuI9FHQb%2BsI%2FfGz7OArQCGaVspGev%2FYKj11g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 893a9012ed0bbf51-WAW
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H3 200 dark-web-panel.png
netenrich.com/hs-fs/hubfs/blog/ 11 KB
12 KB 1056ms
1053ms Image
image/webp 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://netenrich.com/hs-fs/hubfs/blog/dark-web-panel.png?width=500&height=236&name=dark-web-panel.png

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26b089bae9a21fc8b11a5e96c9be00be08dbb83b8ee88721845c18f682f9c7d1

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 0d8fb9ea76ca48d1884fa97507d30086.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'; upgrade-insecure-requests
cache-tag: F-131500705184,FD-79326562910,P-128884,FLS-ALL
alt-svc: h3=":443"; ma=86400
content-length: 11106
cf-resized: internal=ok/m q=0 n=798+0 c=0+25 v=2024.6.0 l=11106
last-modified: Thu, 24 Aug 2023 12:51:37 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "cfr9sX9g6m1ZXWeAi9PxIRuJ4phy2_C8uVcFdAn55NDQ:52d2ef5c68d0436592aed8a0a6405353"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RHD07mTDbgDYCYZXI7cXKuR7%2BVX7Ch43avyuzZ%2FSZdQUFv%2BtXypFyEjh8z0LJ7i4vK4KZcqiB7Em7Nt07ZyWdQ4atovV3V%2BhBxhzy1McnOgct5ax3yMnhVgYBnV%2F4O0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
accept-ranges: bytes
cf-ray: 893a9012ed0dbf51-WAW
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net

GET
H2 200 AudioPlayer-0db2b8a5.css
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/ 6 KB
113 B 94ms
93ms Other
text/css 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/AudioPlayer-0db2b8a5.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0db2b8a5378da25cdcada19dc2492b0b5e215f5eb9c7f1131db607be9aaf8bb1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-167655304208,FD-167655797834,P-39666904,FLS-ALL
age: 2404706
x-amz-request-id: BVDPC00GQ9WBMKK1
x-amz-server-side-encryption: AES256
edge-cache-tag: F-167655304208,FD-167655797834,P-39666904,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
etag: W/"27cc411518a5273ca5cc243f88bbefed"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-created-unix-time-millis: 1715893200067
access-control-allow-origin: *
content-type: text/css
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
via: 1.1 0833e8be76641de099b8f4a92c7a1c4e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: BuQ.BG1A5fFfVA0Yclv9lPetDBlT7.iq
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-167655304208,FD-167655797834,P-39666904,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: hbOldrQ6c1HfEp9CXUvEviGI062JtnccqSto5ptVFMJCC73Ftzc7tZsbMvB5oI6j6uXqhu4QJKOiddQd088fZuWzaVZystcvmviVlPO4Ycw=
last-modified: Thu, 16 May 2024 21:00:01 GMT
server: cloudflare
cf-ray: 893a9012eda34d3d-FRA
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
x-amz-cf-id: UFI_dl7b0Jl_eTRXplE_MydgqztHe7qHUPvfgXVBlghBZ946KEtIEw==

GET
H2 200 Tooltip-f20fb632.css
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/ 3 KB
90 B 117ms
116ms Other
text/css 2606:4700:4400::ac40:9284
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/Tooltip-f20fb632.css
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9284 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f20fb6328a121a22aab9616a52310c6bab4fd7d683a35e5cacd8afbc236492a4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-167654885520,FD-167655797834,P-39666904,FLS-ALL
age: 2408532
x-amz-request-id: YR02PNGHY85DFK4W
x-amz-server-side-encryption: AES256
edge-cache-tag: F-167654885520,FD-167655797834,P-39666904,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
etag: W/"c61853a76bec17d9243236d5bc51a19c"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-meta-created-unix-time-millis: 1715893200159
access-control-allow-origin: *
content-type: text/css
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
via: 1.1 4f2a14569b371893f3851a804b6ae8dc.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: A4HmJxzlV8jBQZRBaHHHNgJJX0ECdm1H
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: Miss from cloudfront
cache-tag: F-167654885520,FD-167655797834,P-39666904,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: cAR+0Hji2m1AEU8E+xICwwJc7llQjefwvbSGwnAxohwQ2+QVp2k+4F9S71zkrQGIsb8CqeERhV4=
last-modified: Thu, 16 May 2024 21:00:01 GMT
server: cloudflare
cf-ray: 893a9012eda74d3d-FRA
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
x-amz-cf-id: ZeDQyr9xgvP2c_RbPd_QUxEI3eAYHrwVK_9htC5IZDAofzpCsooYdA==

GET
H2 200 island-runtime.mjs Show response
static.hsappstatic.net/cms-js-static/ex/js/island-runtime/v1/ 4 KB
2 KB 498ms
497ms Script
application/javascript 2606:4700::6811:af5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/cms-js-static/ex/js/island-runtime/v1/island-runtime.mjs

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:af5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3305eba930cdb81a9e972a226ad23973429e7726f2e9f5e7669b6c910372b853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
x-amz-version-id: Zjl1Ow4Mnf3or6yZx7oPofKZ_guKlE29
content-encoding: gzip
cf-cache-status: MISS
via: 1.1 e3f7f612cf7d05edb500a43ad2f70e96.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 04 Jun 2024 17:57:17 GMT
server: cloudflare
etag: W/"9ac35d54d086e975a40cc28e56a69b38"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BUrNW3WTNoevMRMb%2BeryyI0g%2F99Js%2FyMl%2B3b3wJuxkoEVL%2BGeciKJjB1D1tuHLWXi%2Fg7YvQyOmIoRMwa7hWnsSGFSJlJBWdvYbeIc6kpJYlirPRo7xpu85jerjpWiXyOLBbCKHFqPUA740a6ewh6DNKoF4%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: public, max-age=60
cf-ray: 893a9012eed965d1-FRA
x-amz-cf-id: nGKhvemRVI2S48kmp5tnKanlR8WDXAJJEFWdy-dKgNOBQxfDme1QJg==
expires: Fri, 14 Jun 2024 13:11:50 GMT

GET
H3 200 json Show response
netenrich.com/_hcms/forms/embed/v3/form/128884/2cdeda77-b5d1-4d8e-9b86-d734e175d511/ 29 KB
6 KB 434ms
434ms XHR
application/json 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/_hcms/forms/embed/v3/form/128884/2cdeda77-b5d1-4d8e-9b86-d734e175d511/json?hs_static_app=forms-embed&hs_static_app_version=1.5387&X-HubSpot-Static-App-Info=forms-embed-1.5387

Requested by

Host: netenrich.com
URL: https://netenrich.com/_hcms/forms/v2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a73bb1792086262e15aeb5c6f75fe36b71875521786fdb578f55248ad9827053

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-origin-hublet: na1
date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 921ad99b-0e3f-433e-ad64-ce33f3ad6a18
content-security-policy: upgrade-insecure-requests
x-envoy-upstream-service-time: 30
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 921ad99b-0e3f-433e-ad64-ce33f3ad6a18
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-max-age: 180
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-q4fbt
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SSop2tcXtdbg3TYrJuCHomNljahEenwXkAcnbS5xVI%2B%2FqZiFIOcvkogMjHaH5Rk%2FTRyDA9icnC9iOybyBdeB08b%2BQkqHTIANu2VOXKr5L4lh%2BY6jvQP7o9UirNmZeik%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 893a90131d64bf51-WAW
access-control-allow-headers: *
x-robots-tag: none

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
4 KB 121ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

11704397b6749e8c42e63f30a4821859a11a4dc9e36083f9e842fb6fdaa5b139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Jun 2024 13:10:50 GMT
content-md5: qb9e8MOL2cHjpbmlxa6ctg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2780, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: tEqFkG5+9wCsbrAT2i6exvSIxQaKQ/LVRDtlXAFbT1O1MtTeqmxwKHjX0cxfW4PXDXMcFcW/BmlKKWeguuoQFA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a5b29b59e9c480b5952efa44d57ac7ca
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "80a2dced485178408b68f5ae7f484b1a"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 1
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 14 Jun 2024 13:26:14 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 189ms
40ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668A) /
Resource Hash: 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 13:10:50 GMT
Content-Encoding: gzip
Age: 1494
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27597
Last-Modified: Mon, 11 Dec 2023 17:20:28 GMT
Server: ECS (frb/668A)
Etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 299 KB
86 KB 84ms
43ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=677446a44da9fd7c939dacfcfd4db23c

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

760070c7fa3439c655194fa2ac743c755286e3e538bf8c1fa453ec505e6e8710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Jun 2024 13:10:50 GMT
content-md5: tzd8qVAr7lmYgPszSNKkoQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87607
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=23, mss=1232, tbw=4297, tp=9, tpl=0, uplat=3, ullat=-1
x-fb-debug: xIiv41xgbOe0F7/OK6MX98VHekYgu5NXmXS/wJWA64+Wzlf9/8rFNiiWdgG5DCP0MEenX0xSgPyI0Q6zJQ4xOg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7d48c0a2ca2f09034a7d1085e29baef4
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "8929b18c2a17b9660804e2a60f740bb3"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 14 Jun 2025 12:27:08 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 152ms
51ms Script
application/javascript 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/hs/scriptloader/128884.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 161
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.503/bundles/project.js&cfRay=893a8c295e7f1c3e-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"7d377a186677c174f204d466b8fa5fdb"
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: collected-forms-embed-js/static-1.503/bundles/project.js
date: Fri, 14 Jun 2024 13:10:50 GMT
x-amz-version-id: WQne3xdBhaNpu67z_dXMAVxQ_qJQQf8W
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 7eefe38d76087dfad8e2f0b7702246ee.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C3
x-hubspot-correlation-id: 670b940a-a2fd-45b2-8a50-babcbc6fe65b
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-request-id: 670b940a-a2fd-45b2-8a50-babcbc6fe65b
last-modified: Wed, 15 May 2024 14:34:44 UTC
server: cloudflare
access-control-max-age: 3000
x-hs-cache-status: MISS
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx
cf-ray: 893a9014ad843a3e-FRA
x-amz-cf-id: hGbtYsq0JXrHIt2ryBKIBqf_pcALbgzC5iuS6pLnoIKOT09zBwIVpw==

GET
H2 200 128884.js Show response
js.hs-analytics.net/analytics/1718370600000/ 68 KB
24 KB 260ms
173ms Script
text/javascript 2606:4700::6811:afc9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1718370600000/128884.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/hs/scriptloader/128884.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:afc9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c41adbd166375898afd9ddd079181fa831ae8ce6113884d85857d8ff1748f9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: MISS
x-amz-request-id: 92JJJH9C5ZBQ29V7
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1c2de9ee-0a72-4b9c-98a1-231a17b24f5e
x-envoy-upstream-service-time: 24
x-amz-id-2: zr2w1RhoxuA08sd4a14bg1IB7ALDOznNpmBJVI79upQ9z4jmDAKDj+x/NH9I0jZiSQF020J6fX0=
x-evy-trace-listener: listener_https
x-request-id: 1c2de9ee-0a72-4b9c-98a1-231a17b24f5e
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 31 May 2024 05:01:03 GMT
server: cloudflare
etag: W/"218f29b726f7178cef5bcdf52aba7def"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 893a90149f7e03ac-FRA
expires: Fri, 14 Jun 2024 13:15:50 GMT

GET
H2 200 web-interactives-embed.js Show response
js.hubspot.com/ 82 KB
24 KB 262ms
163ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/web-interactives-embed.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/hs/scriptloader/128884.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a89c8b374ed1c8906af70baa4a0f75993a4a43aa7545786598cf820e4d02517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1183/bundles/project.js&cfRay=893a9014ab0030cc-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"71d30408e8a4394bc3200e642ab7802d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-hs-target-asset: web-interactives-embed/static-2.1183/bundles/project.js
date: Fri, 14 Jun 2024 13:10:50 GMT
x-amz-version-id: c.dt9hh6keM4m12BcMYa6Rr6MpVATgRK
x-content-type-options: nosniff
cf-cache-status: EXPIRED
via: 1.1 156336391961f724345f6534c674b6ea.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C3
x-hubspot-correlation-id: 77ffaf04-d8ea-452b-af9c-54d7bf44e374
x-cache: Hit from cloudfront
cache-tag: staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-request-id: 77ffaf04-d8ea-452b-af9c-54d7bf44e374
last-modified: Thu, 13 Jun 2024 15:47:04 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2HK3ZFkLxAdvJQ0TGJLg0PdqAKrB32Z%2B7nLQVzBNdH8ThAySb0o2FGb2l24tEAxuevMlj%2FZMvQht6b8sdubvMH0djAx4HNAstNpZsKSCb52Qvp9dft9G8kwFMZ2I4t8FgzdkzGuIwXVIqeOm"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-mgch5
cf-ray: 893a9014ab0030cc-FRA
x-amz-cf-id: P6pdV1YiWLFHKzJSMcEKqBoUH_r5zAfqu4p5tp-Lmk1hWwIJUc6ALw==

GET
H2 200 conversations-embed.js Show response
js.usemessages.com/ 85 KB
24 KB 160ms
74ms Script
application/javascript 2606:4700::6810:4e8e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.usemessages.com/conversations-embed.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/hs/scriptloader/128884.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4e8e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

089a2a4f2d6b7ba7a035e27acb41b1789cb3b1f5fd165d8bd54ddee7dcab4f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
x-amz-version-id: sL8KOhWUlTwf766F9ud3L.BsGnM8BVu6
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 613faec4b883bfe2ebdd8a74d5006f4c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: IAD89-C3
age: 93
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.16616/bundles/project.js&cfRay=893a8dcdbc99085c-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: e8fca518-4ff6-4b4f-858c-caab0d58d821
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e8fca518-4ff6-4b4f-858c-caab0d58d821
last-modified: Wed, 12 Jun 2024 20:15:05 UTC
server: cloudflare
etag: W/"9764365a96ddc7a9017a5e438f632178"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-lw8xd
cf-ray: 893a90149b8235e5-FRA
x-amz-cf-id: se3yWZaPxygGIcD0AykvH4mLXqGv6JddPWp6pFNU8DQKcGKKO954KQ==
x-hs-target-asset: conversations-embed/static-1.16616/bundles/project.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/128884/ 77 KB
27 KB 138ms
51ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/128884/banner.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/hs/scriptloader/128884.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 159f484481abdd54f0202ef89ba14fb80c4497ee19a2cd7d3547502aa108ed44

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
x-amz-version-id: dhnzTjKCUnB0tNg_yry3zatWqWkoP0NP
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: 4JN7HGZDGG9R27DF
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 5222d9b8-8408-4c00-a45b-d5aa83c574e8
age: 160
x-envoy-upstream-service-time: 137
x-amz-id-2: 0FGJ6sTWCJ56V3qd892KOLLyajPPf3MkfhjwxZKBVvheCuo/rdLUl/cJxVRmFOM19ERYapujrYQ=
x-evy-trace-listener: listener_https
x-request-id: 5222d9b8-8408-4c00-a45b-d5aa83c574e8
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 31 May 2024 05:00:49 GMT
server: cloudflare
etag: W/"dc3062e7a7ff607cd4a4f6b5c89ae661"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://support.netenrich.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-2r68v
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 893a90149b129188-FRA
expires: Fri, 14 Jun 2024 13:13:10 GMT

GET
H/1.1 200
OK widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 2D08 0
0 155ms
39ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fnetenrich.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C0) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 7031408
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105429
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Jun 2024 13:10:50 GMT
Etag: "81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:49 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67C0)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 cf-location Show response
js.hs-banner.com/v2/ 2 B
145 B 141ms
55ms Fetch
text/plain 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/cf-location
Requested by: Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/128884/banner.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=1500
cf-ray: 893a90157ed19bc2-FRA
content-length: 2

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 134 B
394 B 180ms
172ms XHR
application/json 2606:4700::6810:6efe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=128884&utk=

Requested by

Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:6efe , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d40cb1f086e878228e348a6959a27cb804448a8305498e2fb0133e0c40d52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 52a70935-8a57-44ab-9c08-938bfccf30f9
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 52a70935-8a57-44ab-9c08-938bfccf30f9
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://netenrich.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-rcvgx
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 893a90152e4a3a3e-FRA

GET
H3 200 widget Show response
netenrich.com/_hcms/livechat/ 3 KB
4 KB 350ms
349ms XHR
application/json 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/_hcms/livechat/widget?portalId=128884&conversations-embed=static-1.16616&mobile=false&messagesUtk=439a2b43cc594395a5e14766951f95b1&traceId=439a2b43cc594395a5e14766951f95b1

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6ef3fcaeea4697a10f7b5a33b4ce73faf3fbb4b614be8d5ded45d85c8097d56

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
X-HubSpot-Messages-Uri: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy: upgrade-insecure-requests
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7020a5d9-1c18-4653-8b5c-c4a13f158805
x-envoy-upstream-service-time: 104
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7020a5d9-1c18-4653-8b5c-c4a13f158805
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-jwsqc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4p7kDeKFtoCdBqd4W4QNRnMqLuTV3vIGdAjdhYNEsqE%2BNtxDIlMLBDez%2BcMTzQFnVlYeW2qkaDaBaXZbMsD9GZpFjutFYLyt%2FzSmslfNEQWeD%2Bd1NKgVocPccx7bEc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 893a9015280ebf51-WAW
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

GET
H2 200 combinedConfigs Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/ 3 KB
2 KB 341ms
339ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?contentIds=166301402018&contentIds=166299908487&portalId=128884&currentUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&contentId=131497384969

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9b65250e68e50a58ea8fd4268909004f60a9e5cf1d0fce02c8346854bef84a5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 38dbe386-a155-4f4a-8d9c-3090edd91d98
x-envoy-upstream-service-time: 80
content-length: 896
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 38dbe386-a155-4f4a-8d9c-3090edd91d98
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://netenrich.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnRgLU7%2FBlRzQR7s1awYd9iLoQ9LtVKPfj1w41k2c7Ml4PoTNYWMzuyJCymeVW9c6GAmoxz66GvR9P2OQLEP%2FYAjjpY4I4BrLUutNykKEuiAumypkeB%2B5cCA6SWFq2SmQDfAiia2qogWC82nJ0F9oLZHi0%2B19zdRCWs%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 893a9015ccb130cc-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fj6v4

GET
H2 200 html Show response
cta-service-cms2.hubspot.com/web-interactives/public/v1/render/ 2 KB
2 KB 217ms
215ms Fetch
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/render/html?contentIds=166301402018&contentIds=166299908487&portalId=128884&currentUrl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&contentId=131497384969&isHubspotPage=true

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b92b108d69b5d9696c396c6151c31c058d000bab32a2960daca748adb3650eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f5b2af7f-465f-4047-8524-8c5607eb513b
x-envoy-upstream-service-time: 56
content-length: 810
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f5b2af7f-465f-4047-8524-8c5607eb513b
server: cloudflare
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://netenrich.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: true
cache-control: max-age=0, no-cache, no-store
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VJFlKbMaH3ydJrqw6P6V3Qij0oncq6JiB5PKzvGUTt1sCTA1JtaRuezPQFlyjxikYjK%2FR3B3P0FL%2BzV2wyKtXAeAfrgPjr4Hr6BtlNeYZJTLAgEs1gY1OBzc37DwK3Yiz9g7GeLldxTtlnhBMUxCc38tYV38tio8qNI%3D"}],"group":"cf-nel","max_age":604800}
x-robots-tag: noindex, follow
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
cf-ray: 893a9015ccb730cc-FRA
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-rxkvm

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
885 B 229ms
176ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-DEFINITION_SUCCESS&count=1

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1e986ba2-486d-4b17-8d49-35b9a1a5402f
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1e986ba2-486d-4b17-8d49-35b9a1a5402f
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fvfhp
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 893a90162d03bf25-WAW

GET
H3 200 counters.gif
forms-na1.hsforms.com/embed/v3/ 35 B
845 B 209ms
180ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-na1.hsforms.com/embed/v3/counters.gif?key=forms-embed-v2-RENDER_SUCCESS&count=1

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 508ecc97-ccf0-4627-a90f-39954f8240e2
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 508ecc97-ccf0-4627-a90f-39954f8240e2
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-plld4
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 893a90162d0bbf25-WAW

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 330 KB
110 KB 74ms
73ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1d210077a7d5d787c977cdc515b8020f18ecf90a645f9ca2feb54641235ba78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112131
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jun 2024 13:10:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
865 B 136ms
49ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/128884/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 12:51:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jun 2024 13:10:50 GMT

POST
H2 204 view
js.hs-banner.com/v2/activity/ 0
0 184ms
184ms Fetch 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-banner.com/v2/activity/view

Requested by

Host: js.hs-banner.com
URL: https://js.hs-banner.com/v2/128884/banner.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator, envoyset-translator
x-hubspot-correlation-id: aa1ff78e-3340-40a4-b57d-4fc5b8d860f8
x-envoy-upstream-service-time: 35
x-evy-trace-route-configuration: listener_http/all, listener_https/all
x-evy-trace-listener: listener_http, listener_https
x-request-id: aa1ff78e-3340-40a4-b57d-4fc5b8d860f8
server: cloudflare
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-virtual-host: all, all
x-evy-trace-served-by-pod: iad02/private-hubapi-td/envoy-proxy-5f998ff6dc-cpbk6, iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-allow-origin: https://netenrich.com
access-control-allow-credentials: true
access-control-max-age: 604800
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 893a9016f9079bc2-FRA

OPTIONS
H2 200 view
js.hs-banner.com/v2/activity/ Frame 0
0 149ms
149ms Preflight
application/octet-stream 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/activity/view
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://netenrich.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://netenrich.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
access-control-max-age: 604800
cf-cache-status: DYNAMIC
cf-ray: 893a90160f869bc2-FRA
content-length: 0
content-type: application/octet-stream
date: Fri, 14 Jun 2024 13:10:50 GMT
server: cloudflare
timing-allow-origin: *
vary: origin
x-envoy-upstream-service-time: 0
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-78cb6f459b-gnznr
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 65aa5044-291f-4eac-9eab-7e7595e1eded
x-request-id: 65aa5044-291f-4eac-9eab-7e7595e1eded

GET
H2 200 BlogAudioModule-0395bc00.js Show response
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/ 601 B
910 B 74ms
74ms Script
application/javascript 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/BlogAudioModule-0395bc00.js
Requested by: Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/cms-js-static/ex/js/island-runtime/v1/island-runtime.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab4aff40ac5c3a9f740a6434e739d9a55d0f2e6d5f53bb7ec7335db15f63ed46

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://static.hsappstatic.net/cms-js-static/ex/js/island-runtime/v1/island-runtime.mjs
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-167654805301,FD-167655797834,P-39666904,FLS-ALL
age: 63964
x-amz-request-id: N0W2GYASZR0GRZHW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-167654805301,FD-167655797834,P-39666904,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
etag: W/"ed2f4daca3aa9d5efc23a341c67d567f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1715893199967
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
via: 1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: cbDUtFIMtSwy4H3I1p9XnzYvB7iJq.ru
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-167654805301,FD-167655797834,P-39666904,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: LhD4HAAEa8GQREtS7JNODqA0fqJSUIjdDoVDXDUKzOjTYvcruAKj9uLuHg6f5VKoJz+UBmDsevk=
last-modified: Thu, 16 May 2024 21:00:00 GMT
server: cloudflare
cf-ray: 893a90161fe830c9-FRA
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
x-amz-cf-id: TgcLpB93ioTUq975AfOuId53IdqkhyPmcbZFRIYhBuodzNNlapmmTw==

GET
H2 204 has-permission-json Show response
app.hubspot.com/content-tools-menu/api/v1/tools-menu/ 0
760 B 446ms
350ms XHR
text/plain 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=128884

Requested by

Host: netenrich.com
URL: https://netenrich.com/hs/hsstatic/HubspotToolsMenu/static-1.321/js/index.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: no-sniff
cf-cache-status: DYNAMIC
x-hs-worker-debug-mode: false
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: bfa2d454-96c5-4e09-a77c-33e8b8a6c99a
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=893a9016baa24d28&resource=unknown"
x-evy-trace-listener: listener_https
x-request-id: bfa2d454-96c5-4e09-a77c-33e8b8a6c99a
server: cloudflare
vary: origin, Accept-Encoding
access-control-allow-methods: GET
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-origin: https://netenrich.com
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-wlmbb
cache-control: max-age=0
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 893a9016baa24d28-FRA

GET
H2 200 public Show response
api-na1.hubapi.com/comments/v3/comments/thread/ 76 B
896 B 468ms
368ms Script
application/javascript 2606:4700::6812:f36c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-na1.hubapi.com/comments/v3/comments/thread/public?portalId=128884&offset=0&limit=10000&contentId=131497384969&collectionId=333284061&callback=jsonp_1718370650558_38800

Requested by

Host: netenrich.com
URL: https://netenrich.com/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:f36c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9de3a925cbe4406570dcaf58d0ba631f70928f58c0e957766133b461dcdab1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 59ef94b2-3dc3-4519-b288-2507811004da
content-encoding: br
x-envoy-upstream-service-time: 7
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 59ef94b2-3dc3-4519-b288-2507811004da
server: cloudflare
vary: origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bc4BvuVyi4ll2im1AYIZy9Ta3bWy5BmTFKlk0Fb8RkemeQRpMraL3T%2FnSbULuNmuaxeBhrW4WpbeXfIqGyaliPsnbTHtCFwubWyAqmsrYjPbPV5UzYRZuz8jyj4p9o9IWmMZwsT9sUkzmFBa8ZDjgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-rsdn9
access-control-allow-credentials: false
cf-ray: 893a9016b8165d9f-FRA

GET
H2 200 share_button.php
www.facebook.com/v3.0/plugins/ Frame AFB7 0
0 446ms
366ms Document
text/html 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.0/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfa2c16ee21fc95036%26domain%3Dnetenrich.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fnetenrich.com%252Ff4945110058aa548b%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&layout=button_count&locale=en_GB&sdk=joey

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js?hash=677446a44da9fd7c939dacfcfd4db23c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: zstd
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jun 2024 13:10:50 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v14.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380345745458395852"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380345745458395852", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=10, mss=1297, tbw=2794, tp=-1, tpl=-1, uplat=322, ullat=0
x-fb-debug: z4ptCxbzyIBdeLuLj1RJs27Dff8WmCMfFwynR9dIrMr6O4yHRHYma5qhGbs3P7KD/Y/GHBnRShDgEYpglsZM/g==
x-xss-protection: 0

GET
H3 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
850 B 229ms
227ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=3

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ffa288a7-93f6-46f6-9ee5-3a42425ca98c
x-envoy-upstream-service-time: 10
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: ffa288a7-93f6-46f6-9ee5-3a42425ca98c
server: cloudflare
vary: origin
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-cgx6f
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none
cf-ray: 893a90164d2ebf25-WAW

GET
H2 200 AudioPlayer-f82ab71f.js Show response
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/ 36 KB
14 KB 95ms
95ms Script
application/javascript 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/AudioPlayer-f82ab71f.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a37b5ac02e83d20db0e01006abf5ded9a7cb6a96abb5040bd6539a67facad4e2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/BlogAudioModule-0395bc00.js
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-167657410200,FD-167655797834,P-39666904,FLS-ALL
age: 137811
x-amz-request-id: 1KZ5N2A9Z9C7S41H
x-amz-server-side-encryption: AES256
edge-cache-tag: F-167657410200,FD-167655797834,P-39666904,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
etag: W/"b723e281254b9c204509aa9d7a0cdaf7"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1715893199663
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
via: 1.1 d1c024cefd6257426def0fc2fd2fb7ba.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: a8Tv6vUY7T1Mc9QIHsRoE9C1Jqt2NME7
x-amz-cf-pop: IST50-P2
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-167657410200,FD-167655797834,P-39666904,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: 7hzRGmbmDOji+c1skzogMAh+BoayQX3u6esX6UVt6BEAIaooAqKIp5JXwrNpQ0a0NRno2qkR5AQaujzR4tquxDuBERyJzAR4k5DnRI2JL2A=
last-modified: Thu, 16 May 2024 21:00:00 GMT
server: cloudflare
cf-ray: 893a9016988630c9-FRA
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
x-amz-cf-id: uNzW0xykp-vBa3QjO6_7MZ8ML5pUFzSL4EIcRk0nuDkXXTcbNtgG6Q==

GET
H2 200 Translations-94002250.js Show response
39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/ 383 B
1 KB 72ms
72ms Script
application/javascript 2606:4700:4400::6812:297c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/Translations-94002250.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:297c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 850b7422ac8b0ba4f667db9d1cddc5d760641431268fa9e611220f86f2ef9beb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/BlogAudioModule-0395bc00.js
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: br
x-amz-meta-cache-tag: F-167656856630,FD-167655797834,P-39666904,FLS-ALL
age: 601441
x-amz-request-id: VSEHQ4AQG6XYGBTE
x-amz-server-side-encryption: AES256
edge-cache-tag: F-167656856630,FD-167655797834,P-39666904,FLS-ALL
x-amz-replication-status: COMPLETED
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-not-indexable
etag: W/"ecdca0bdde50d028ecbc84eb6cabe2ad"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1715893199084
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: none
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:50 GMT
via: 1.1 6ca8e27dbbf453f10039db7154486394.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-version-id: mnvm8G_GiAzSnkzb4umKlwHjDJ8bRlDF
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-167656856630,FD-167655797834,P-39666904,FLS-ALL
x-amz-meta-index-tag: none
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-id-2: Mh8/QXQl+XkMbicEv45ABaeKQ0MnwLNxI5dGjAWMh1/RQTBbeF4JoVb1GZrYaeb0vIj0UhwBELM=
last-modified: Thu, 16 May 2024 21:00:00 GMT
server: cloudflare
cf-ray: 893a9016988830c9-FRA
timing-allow-origin: 39666904.fs1.hubspotusercontent-na1.net
x-amz-cf-id: 2PwWJrVW1LA8vXoO7N6SABL-hM7y4YYdHZ8EFG-eK2XB-i40gmFiow==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 14 Jun 2024 12:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2502
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 14 Jun 2024 14:29:08 GMT

GET
H2 200 8170.js Show response
script.crazyegg.com/pages/scripts/0099/ 7 KB
3 KB 618ms
519ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0099/8170.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb3df8892e2145862279f895ab3a7c84eac1b1cb72b5358f3c23325ab65ff95a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 14 Jun 2024 13:10:51 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
ce-version: 11.5.221
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 893a90178c992c23-FRA
content-length: 2461

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 47 KB
17 KB 200ms
63ms Script
application/javascript 2a02:26f0:3100::1735:2823
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2823 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 20 May 2024 16:52:20 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=69890
accept-ranges: bytes
content-length: 16683

GET
H2 200 app.js Show response
scatec.io/t/ 34 KB
10 KB 253ms
134ms Script
application/javascript 34.120.116.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://scatec.io/t/app.js?id=e7e2c29a-fb48-47e3-97d3-fe4bdab50350&mode=gtm-template

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.116.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

101.116.120.34.bc.googleusercontent.com

Software

Resource Hash

ed1466b5922a88a97d4192470e36b2c6fcf1cf94e23e3754d44a71877be2f8ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
last-modified: Thu, 13 Jun 2024 11:48:23 GMT
via: 1.1 google
etag: W/"666adc87-89bc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
57 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Jun 2024 13:10:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58024
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=20, mss=1297, tbw=6625, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: QiDsxfid7kk5GkwA62mP0ezNawT9f08rQ9vSuILnCUMBFzj04Vk55Y0E1LT4QMsjDnHvAR1SskiP1+PwtiaTUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 61dd90b099faa8001c628fb2 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 428ms
372ms Script
text/javascript 104.16.118.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/61dd90b099faa8001c628fb2

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.118.43 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

58e0026622999c60893e5e51b4d02705bca759c705542aa4046620d834b1fd09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type,requestFromZITag,unifiedScriptVerified,_zitok,_vtok,visited-url
alt-svc: h3=":443"; ma=86400
cf-ray: 893a90174ecf34d3-WAW

GET
H2 200 tags.js Show response
tag.clearbitscripts.com/v1/pk_b1a4bd8b467a95966f5c0565871ccd15/ 16 KB
5 KB 312ms
223ms Script
application/javascript 2600:9000:2670:8800:7:d7d6:3c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.clearbitscripts.com/v1/pk_b1a4bd8b467a95966f5c0565871ccd15/tags.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2670:8800:7:d7d6:3c40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Clearbit /

Resource Hash

ec27aafeef48bbed9741946792bdea6ddf5d9f1cbc377fbe1cab6b573adfdf40

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
via: 1.1 79d85d2de1f5aa38558ef6bab6274390.cloudfront.net (CloudFront)
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: FRA56-P9
etag: W/"4a3f4649c7f6d2962fa14e8b237e453d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
x-amz-cf-id: b24X7h3uRNdmd5sFhLRDFIBzBBRQyIRVQsxq1MGEkkHSfot3MZ5LbQ==

GET
H2 200 lftracker_v1_lYNOR8xpgOq8WQJZ.js Show response
sc.lfeeder.com/ 31 KB
11 KB 166ms
48ms Script
application/javascript 2600:9000:2250:ac00:4:d7e1:700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc.lfeeder.com/lftracker_v1_lYNOR8xpgOq8WQJZ.js
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:ac00:4:d7e1:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7132b1dec37b9e44bff9262a86d81a709899270fd6575382926beb840fe0e70

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: pZb4j_AfEFmyfdmKEIT46gHo13s5NfNG
content-encoding: br
via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
date: Fri, 14 Jun 2024 12:37:54 GMT
last-modified: Tue, 28 May 2024 07:08:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 1977
x-amz-server-side-encryption: AES256
etag: W/"c71ff235c52097971ed21dace3c7e10f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: jEBdKNtaskVeSsIE-b-BjIlUtEY_ZgJJUYrDZVZGl3yfAbWLGrZ0ww==

GET
H2 200 42oln8temh Show response
www.clarity.ms/tag/ 637 B
1000 B 983ms
800ms Script
application/x-javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/42oln8temh?ref=gtm2
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e1fa121ced1f32890fe758e7f432921bf704f2412f62326f051f511f4bcc2544

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Fri, 14 Jun 2024 13:10:51 GMT
x-azure-ref: 20240614T131050Z-15f57b858d4dlpg6f4skruvx7000000001dg000000001hy3
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 637
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
24 KB 128ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,400;0,700;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 05:05:37 GMT
x-content-type-options: nosniff
age: 115513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 05:05:37 GMT

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
578 B 330ms
317ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=inline-interactive-render-success&value=1

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 142a5df7-e807-44e3-8fbc-6e463e90e50e
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 142a5df7-e807-44e3-8fbc-6e463e90e50e
last-modified: Fri, 14 Jun 2024 13:10:51 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-sdxr7
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 893a9017cfcebf25-WAW

GET
H/1.1 200
OK button.856debeac157d9669cf51e73a08fbc93.js Show response
platform.twitter.com/js/ 8 KB
3 KB 40ms
39ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/668A) /
Resource Hash: 426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 14 Jun 2024 13:10:50 GMT
Content-Encoding: gzip
Age: 7038284
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 2620
Last-Modified: Mon, 11 Dec 2023 17:19:47 GMT
Server: ECS (frb/668A)
Etag: "fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=315360000

GET
H2 200 cdn.js Show response
js.hubspot.com/ut-js/ 35 KB
13 KB 69ms
69ms Script
application/javascript 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hubspot.com/ut-js/cdn.js

Requested by

Host: 39666904.fs1.hubspotusercontent-na1.net
URL: https://39666904.fs1.hubspotusercontent-na1.net/hubfs/39666904/raw_assets/media-default-modules/master/221/js_client_assets/assets/AudioPlayer-f82ab71f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e407b3b8e70ff049f5b227099572a1560572859d6add8d56f10ca2e718dc0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
age: 316
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=usage-tracker-cdn/static-1.696/bundles/cdn.js&cfRay=893a885a7a72380e-FRA
x-amz-replication-status: COMPLETED
x-evy-trace-listener: listener_https
etag: W/"ede446f3197dd3ba61e97bd2a7bc0af4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
cache-control: s-maxage=600, max-age=300, stale-while-revalidate=86400, immutable, must-revalidate
x-hs-target-asset: usage-tracker-cdn/static-1.696/bundles/cdn.js
date: Fri, 14 Jun 2024 13:10:50 GMT
x-amz-version-id: 3pCqmeefhWThWkW_QvLsKdVB.bRFZGB3
x-content-type-options: nosniff
cf-cache-status: HIT
via: 1.1 077b94dab77b8114aebf503be197d7d8.cloudfront.net (CloudFront)
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD89-C3
x-hubspot-correlation-id: 19912ab1-c742-4813-97fd-10d9208bbe07
x-cache: Hit from cloudfront
cache-tag: staticjsapp-usage-tracker-cdn-web-prod,staticjsapp-prod
x-envoy-upstream-service-time: 1
x-evy-trace-route-configuration: listener_https/all
x-request-id: 19912ab1-c742-4813-97fd-10d9208bbe07
last-modified: Thu, 23 May 2024 14:43:11 UTC
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f9AoHiRO5Ztfn%2FlSJmTMdOaX6bhZA4p0hdz4otS9qvNyJkHn4FOre1ILQnAv50DdKYur4OtU%2FnxqKgd92kg8GaXwvdQc7sk8XOiWDZlrNBcxrQXz%2FnKxCcLnCICnPtwjwhAbOVwJBwwsTfYx"}],"group":"cf-nel","max_age":604800}
x-hs-cache-status: HIT
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-r5jtt
cf-ray: 893a90173b5a4d28-FRA
x-amz-cf-id: CoPsfYgJHqDG3rnNo6yI-jNF_jXc7WBLKVTsJttiWDuEYCwskX0qEg==

GET
H2 200 439a2b43cc594395a5e14766951f95b1
app.hubspot.com/conversations-visitor/128884/threads/utk/ Frame 3A34 0
0 321ms
240ms Document
text/html 2606:4700::6810:7574
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/conversations-visitor/128884/threads/utk/439a2b43cc594395a5e14766951f95b1?uuid=ba4a3a350a514b76886aa02c4f48c517&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=netenrich.com&inApp53=false&messagesUtk=439a2b43cc594395a5e14766951f95b1&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=true&hideScrollToButton=true

Requested by

Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7574 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	no-sniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
age: 692
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 893a9017d8213656-FRA
content-encoding: gzip
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.19068/html/index.html&cfRay=893a9017d8213656&reqUrl=https%3A%2F%2Fapp.hubspot.com%2Fconversations-visitor%2F128884%2Fthreads%2Futk%2F439a2b43cc594395a5e14766951f95b1%3Fuuid%3Dba4a3a350a514b76886aa02c4f48c517%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Dnetenrich.com%26inApp53%3Dfalse%26messagesUtk%3D439a2b43cc594395a5e14766951f95b1%26url%3Dhttps%253A%252F%252Fnetenrich.com%252Fblog%252Fdiscovering-the-adhubllka-ransomware-family%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dtrue%26hideScrollToButton%3Dtrue&referrer=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cfenv=prod&pdt=2024-06-14&csp=ro
content-type: text/html; charset=utf-8
date: Fri, 14 Jun 2024 13:10:51 GMT
etag: W/"8367b67895459da38bca0a103604ec83"
last-modified: Wed, 12 Jun 2024 20:15:05 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints: default="https://send.hsbrowserreports.com/csp/reports?cfRay=893a9017d8213656&resource=conversations-visitor-ui/static-1.19068/html/index.html"
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin, Accept-Encoding
via: 1.1 c84ecfd128e1f4c41a53a2b42410f3b8.cloudfront.net (CloudFront)
x-amz-cf-id: CkA-jJeViz04ICz59mqWNr8EJqiZoFbyehwtMZXL1IThivBVPwSgzg==
x-amz-cf-pop: IAD89-C3
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: sOSp0KVqL43pFulL.BQB2kP.OidxqNP2
x-cache: Hit from cloudfront
x-content-type-options: no-sniff
x-envoy-upstream-service-time: 10
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-68b7f7fbff-qbnbs
x-evy-trace-virtual-host: all
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.19068/html/index.html
x-hs-worker-debug-mode: false
x-hubspot-correlation-id: b5dcae14-a157-40e6-9913-f32ac5eb7c00
x-request-id: b5dcae14-a157-40e6-9913-f32ac5eb7c00

GET
H3 200 222020709404491 Show response
connect.facebook.net/signals/config/ 60 KB
12 KB 40ms
40ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/222020709404491?v=2.9.158&r=stable&domain=netenrich.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

4be4f6ed26b8f23b29021f8d73dfd1607e88e221a17721774f6d8506fc87bca5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 14 Jun 2024 13:10:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12395
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4324, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 6nDPfsNHyUbqX/qxdN5/la30thFdx0ZDfOB4/lQ1dH3nKigt8EtLgP5p2CNYnnEwUTRS8c3X2hgDezZBo8Zbqw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
579 B 196ms
196ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 06c7d231-abd5-4a6c-85fe-34ecbfb0ebdb
x-envoy-upstream-service-time: 11
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 06c7d231-abd5-4a6c-85fe-34ecbfb0ebdb
last-modified: Fri, 14 Jun 2024 13:10:51 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-md7fl
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 893a90181842bf25-WAW

GET
H2

200

blank001.gif
static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/
Redirect Chain

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=326434714387&containerType=EMBEDDED&portalId=128884&audienceId=null&pageUrl=https%3A%2F%2Fnetenrich.com%2...
https://static.hubspot.com/img/trackers/blank001.gif
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

43 B
643 B

54ms
54ms

Image
image/gif

2606:4700::6811:af5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Server

2606:4700::6811:af5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
via: 1.1 3345a8f17bb96a1199a195b00a8d2c0e.cloudfront.net (CloudFront)
x-amz-version-id: MFfZlkR4U8_6aknbgflTSIqo4fNbniK3
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 749450
x-amz-cf-pop: CDG52-P2
cf-polished: origSize=49, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
cf-bgj: imgq:85,h2pri
last-modified: Thu, 15 Apr 2021 16:47:19 GMT
server: cloudflare
etag: "51416c7ff0b9d7efc8c9b16d84052fab"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QG19icfc5Gbdr7L3%2FgOF%2BDSH1QL02NJOP19pF8xe0ohczsrW9x%2FzTAXA4k68ehP73n3GAQ0txtBVHuM2NhAQihOOicAY2uVz1t%2F%2BcquuIX0n9GWR2nPuoDTpTsi9nLPMDeUtOh50SbhHNYn6QTEefULVxHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 893a9019fb3991f5-FRA
x-amz-cf-id: E9G1DroEnRDN8l7Ya_K1Kxq1EqqVI2zdYLrYNPOQ7-taIkJWueVmog==
expires: Sat, 14 Jun 2025 13:10:51 GMT

Redirect headers

date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNCJZo1teqvQ2TohEXUEyDjAuTherquhsBMwJ0jeYRBiGbKWl7ao4YomELVoCyHERinTVVVKlujRhvpsbNMyfULWuZkQDLyge9OL%2FCFrfSXgIeEql5wnS%2BOmNSEyVgMkv0TAjieqnzy8nPg1WbBdFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif
cache-control: max-age=3600
cf-ray: 893a90198f7c4d28-FRA
content-length: 167
expires: Fri, 14 Jun 2024 14:10:51 GMT

GET
H2

200

blank001.gif
static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/
Redirect Chain

https://cta-service-cms2.hubspot.com/web-interactives/public/v1/track/view?webInteractiveId=326434647444&containerType=EMBEDDED&portalId=128884&audienceId=null&campaignId=26dca121-75bf-48e4-8158-79...
https://static.hubspot.com/img/trackers/blank001.gif
https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif

43 B
0

56ms
56ms

Image
image/gif

2606:4700::6811:af5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Server: 2606:4700::6811:af5b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
via: 1.1 3345a8f17bb96a1199a195b00a8d2c0e.cloudfront.net (CloudFront)
x-amz-version-id: MFfZlkR4U8_6aknbgflTSIqo4fNbniK3
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 749450
x-amz-cf-pop: CDG52-P2
cf-polished: origSize=49, status=webp_bigger
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
cf-bgj: imgq:85,h2pri
last-modified: Thu, 15 Apr 2021 16:47:19 GMT
server: cloudflare
etag: "51416c7ff0b9d7efc8c9b16d84052fab"
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QG19icfc5Gbdr7L3%2FgOF%2BDSH1QL02NJOP19pF8xe0ohczsrW9x%2FzTAXA4k68ehP73n3GAQ0txtBVHuM2NhAQihOOicAY2uVz1t%2F%2BcquuIX0n9GWR2nPuoDTpTsi9nLPMDeUtOh50SbhHNYn6QTEefULVxHM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 893a9019fb3991f5-FRA
x-amz-cf-id: E9G1DroEnRDN8l7Ya_K1Kxq1EqqVI2zdYLrYNPOQ7-taIkJWueVmog==
expires: Sat, 14 Jun 2025 13:10:51 GMT

Redirect headers

date: Fri, 14 Jun 2024 13:10:51 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aNCJZo1teqvQ2TohEXUEyDjAuTherquhsBMwJ0jeYRBiGbKWl7ao4YomELVoCyHERinTVVVKlujRhvpsbNMyfULWuZkQDLyge9OL%2FCFrfSXgIeEql5wnS%2BOmNSEyVgMkv0TAjieqnzy8nPg1WbBdFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://static.hsappstatic.net/static-hubspot-com/static-1.270519761/img/trackers/blank001.gif
cache-control: max-age=3600
cf-ray: 893a90198f7c4d28-FRA
content-length: 167
expires: Fri, 14 Jun 2024 14:10:51 GMT

GET
H3 200 hs-web-interactive-128884-167583958873
128884.hs-sites.com/ Frame E1C5 0
0 609ms
542ms Document
text/html 104.19.175.252
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://128884.hs-sites.com/hs-web-interactive-128884-167583958873?enableResponsiveStyles=true

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/web-interactives-embed.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.175.252 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: false
alt-svc: h3=":443"; ma=86400
cache-control: s-maxage=10,max-age=5
cache-tag: CT-167583958873,P-128884,PGS-ALL,SW-3
cf-cache-status: EXPIRED
cf-ray: 893a90185c2abbc0-WAW
content-encoding: gzip
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=utf-8
date: Fri, 14 Jun 2024 13:10:51 GMT
edge-cache-tag: CT-167583958873,P-128884,PGS-ALL,SW-3
last-modified: Fri, 14 Jun 2024 13:08:28 GMT
server: cloudflare
vary: origin, Accept-Encoding
x-content-type-options: nosniff
x-envoy-upstream-service-time: 98
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/cms-hs-sites-td/envoy-proxy-7d555df78d-swdq2
x-evy-trace-virtual-host: all
x-hs-cache-config: BrowserCache-5s-EdgeCache-10s
x-hs-content-campaign-id: c5d8998d-fd83-46b5-948d-779e10e00cd6
x-hs-content-id: 167583958873
x-hs-hub-id: 128884
x-hubspot-correlation-id: 3a0b0e8a-e7e4-4c00-b5a0-3486b2c34e72
x-request-id: 3a0b0e8a-e7e4-4c00-b5a0-3486b2c34e72
x-robots-tag: none

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 126ms
40ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=222020709404491&ev=PageView&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&rl=&if=false&ts=1718370650868&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718370650867.84471780955259272&ler=empty&cdl=API_unavailable&it=1718370650816&coo=false&rqm=GET

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=2785, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 14 Jun 2024 13:10:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
4 KB 235ms
208ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=222020709404491&ev=PageView&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&rl=&if=false&ts=1718370650868&sw=1600&sh=1200&v=2.9.158&r=stable&ec=0&o=4126&fbp=fb.1.1718370650867.84471780955259272&ler=empty&cdl=API_unavailable&it=1718370650816&coo=false&rqm=FGET

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x89fa39a113f0e405","source_keys":["1","2"]},{"key_piece":"0xb5a57fcc93a79b40","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 14 Jun 2024 13:10:51 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7380345750037107432", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=10, mss=1297, tbw=3103, tp=-1, tpl=-1, uplat=168, ullat=0
pragma: no-cache
x-fb-debug: AcNp4FTdEvbmb0LAVGlhgmOn0De4hqogYdmSV8UlduLO2EEonan0l/n09Mpx3f+XvRG8o+fMeW/YufVFeYguag==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7380345750037107432"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame A8D1 0
0 40ms
40ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/674C) /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 7038274
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 12332
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Jun 2024 13:10:50 GMT
Etag: "e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified: Mon, 11 Dec 2023 17:19:48 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/674C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 embeds
syndication.twitter.com/i/jot/ 43 B
292 B 233ms
151ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22Netenrich%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1718370650883%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=2779d87519daedac75f4bd56eaa2f625b0c1f0c9

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-response-time: 112
date: Fri, 14 Jun 2024 13:10:50 GMT
strict-transport-security: max-age=631138519
last-modified: Fri, 14 Jun 2024 13:10:51 GMT
server: tsa_o
vary: Origin
content-type: image/gif
x-transaction-id: 27a0b52496ace1ab
cache-control: must-revalidate, max-age=600
perf: 7402827104
x-connection-hash: 4317d45eccbfd28d00007278423bb663da3473c63fb4bb35123d4f6f78cb4b4a
content-length: 43

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
815 B 259ms
153ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: *
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: DF1EF54F1DA74B4395881E30883D3EF1 Ref B: FRAEDGE2008 Ref C: 2024-06-14T13:10:51Z
access-control-allow-methods: GET, OPTIONS
x-li-fabric: prod-lva1
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
content-type: application/json
x-li-proto: http/2
x-restli-protocol-version: 1.0.0
access-control-allow-headers: *
x-li-uuid: AAYa2Vg/+AAdt1xRxNEYvg==
x-fs-uuid: 00061ad9583ff8001db75c51c4d118be

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D113428%26time%3D1718370650902%26url%3Dhttps%253A%252F%252Fnetenrich.com%252Fblog%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true&e_ipv...

0
266 B

348ms
245ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true&e_ipv6=AQL21rx5HN8BswAAAZAW31BLPqXoPPgMBFyEDMPyY9jsHM5Lpjy-zS-HKv13VG-SyICHBjE
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 14 Jun 2024 13:10:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 3130B85B07164E399F7B03DA838D20B2 Ref B: DUS30EDGE0422 Ref C: 2024-06-14T13:10:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYa2VhWt7VHmF+RP/VqMg==

Redirect headers

date: Fri, 14 Jun 2024 13:10:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9F32E77D25304D9DBE8BD7AE22791BBA Ref B: FRAEDGE1122 Ref C: 2024-06-14T13:10:52Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=113428&time=1718370650902&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cookiesTest=true&liSync=true&e_ipv6=AQL21rx5HN8BswAAAZAW31BLPqXoPPgMBFyEDMPyY9jsHM5Lpjy-zS-HKv13VG-SyICHBjE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYa2VhRizneIOKcRbpJHw==

GET
H2 200 /
tr-rc.lfeeder.com/ 43 B
294 B 331ms
146ms Image
image/gif 18.239.83.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr-rc.lfeeder.com/?sid=lYNOR8xpgOq8WQJZ&data=eyJnYVRyYWNraW5nSWRzIjpbXSwiZ2FNZWFzdXJlbWVudElkcyI6WyJHLTBaS05HNjNZVlQiXSwiZ2FDbGllbnRJZHMiOltdLCJjb250ZXh0Ijp7ImxpYnJhcnkiOnsibmFtZSI6ImxmdHJhY2tlciIsInZlcnNpb24iOiIyLjYzLjAifSwicGFnZVVybCI6Imh0dHBzOi8vbmV0ZW5yaWNoLmNvbS9ibG9nL2Rpc2NvdmVyaW5nLXRoZS1hZGh1Ymxsa2EtcmFuc29td2FyZS1mYW1pbHkiLCJwYWdlVGl0bGUiOiJJZGVudGlmeWluZyBBREhVQkxMS0EgUmFuc29td2FyZTogTE9MS0VLLCBCSVQsIE9CWiwgVTJLLCBUWlcgVmFyaWFudHMiLCJyZWZlcnJlciI6IiJ9LCJldmVudCI6InRyYWNraW5nLWV2ZW50IiwiY2xpZW50RXZlbnRJZCI6ImFjYjUwNWI0YzZmMmE0MGMiLCJzY3JpcHRJZCI6ImxZTk9SOHhwZ09xOFdRSloiLCJjb29raWVzRW5hYmxlZCI6dHJ1ZSwiY29uc2VudExldmVsIjoibm9uZSIsImFub255bWl6ZUlwIjpmYWxzZSwibGZDbGllbnRJZCI6IkxGMS4xLmZmYjIxYTk0MjQ1NWM4MWUuMTcxODM3MDY1MDkyNiIsImZvcmVpZ25Db29raWVzIjpbXSwicHJvcGVydGllcyI6e30sImF1dG9UcmFja2luZ0VuYWJsZWQiOnRydWUsImF1dG9UcmFja2luZ01vZGUiOiJzcGEifQ==
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.83.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-83-66.ams58.r.cloudfront.net
Software: CloudFront /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
via: 1.1 f75afc04e5fb2b66fe286e4f840886c6.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS58-P5
x-cache: LambdaGeneratedResponse from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: -ioUxvOvRJX0R2GLb2grI7UMnwsetz0jWYb9VGh1EZF52HgrWT7Z2A==

GET
H2 402 collect
scatec.io/ 21 B
21 B 143ms
143ms Image
text/plain 34.120.116.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://scatec.io/collect?event=pageview&timestamp=1718370650955&campaignId=e7e2c29a-fb48-47e3-97d3-fe4bdab50350&clientId=CAT1.2.19850123.1718370650953&title=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&location=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&sessionId=78ccd9e8-49b8-4ba3-8654-75891d4872ea

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.116.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

101.116.120.34.bc.googleusercontent.com

Software

Resource Hash

a137aa6f1c4d93d3b102967fec9732f985f310cbceefc12d4f4f4a3f928adfa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 destinations.min.js Show response
x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/ 0
44 B 486ms
307ms Script
application/javascript 3.127.196.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/destinations.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_b1a4bd8b467a95966f5c0565871ccd15/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-196-46.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600
content-length: 0

GET
H2 200 tracking.min.js Show response
x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/ 168 KB
45 KB 401ms
269ms Script
application/javascript 3.127.196.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/tracking.min.js

Requested by

Host: tag.clearbitscripts.com
URL: https://tag.clearbitscripts.com/v1/pk_b1a4bd8b467a95966f5c0565871ccd15/tags.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.127.196.46 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-127-196-46.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

54c646a9f2c8d222be1292c26771328e9064cb23de26e771a493644987600361

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: private, max-age=600

GET
H2 200 netenrich.com.json Show response
script.crazyegg.com/pages/data-scripts/0099/8170/site/ 19 KB
3 KB 192ms
106ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0099/8170/site/netenrich.com.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0099/8170.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94fdbdeae330fa0e45c9d3d99c58fcae048b5487260e599f3eba73136fffb901

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 58083
ce-version: 11.5.221
content-length: 3270
last-modified: Thu, 13 Jun 2024 21:02:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 893a901b5ae59bc4-FRA

GET
H2 200 803bc61c3181ac1ae3c1fb621bdd8261.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 106 KB
35 KB 65ms
65ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/803bc61c3181ac1ae3c1fb621bdd8261.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0099/8170.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9622886afb58bc121fa8eda9bec810e49beb28c669a43a2d17d02e5da6e8fa95

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jun 2024 18:22:54 GMT
server: cloudflare
age: 70065
cf-polished: origSize=108629
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 893a901c0b422c23-FRA

POST
H2 200 p Show response
app.clearbit.com/v1/ 16 B
1 KB 360ms
262ms XHR
application/json 18.158.205.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.clearbit.com/v1/p

Requested by

Host: x.clearbitjs.com
URL: https://x.clearbitjs.com/v2/pk_b1a4bd8b467a95966f5c0565871ccd15/tracking.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.158.205.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-205-16.eu-central-1.compute.amazonaws.com

Software

Clearbit /

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-response-flags: -
server: Clearbit
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding, Origin
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://netenrich.com
access-control-expose-headers
content-security-policy-report-only: default-src 'self'; script-src 'unsafe-inline' 'report-sample' 'self' https://browser.sentry-cdn.com https://cdn.amplitude.com/libs/amplitude-5.2.2-min.gz.js https://cdn.clearbit.com https://cdn.segment.com/analytics.js/v1/auzWlbWIBrAsKnGQIiT0X3IjfZyepgW5/analytics.min.js https://checkout.stripe.com https://connect.facebook.net https://edge.fullstory.com/s/fs.js https://fast.appcues.com https://www.google-analytics.com/analytics.js https://x.clearbitjs.com https://cdn.clearbit.com https://*.commandbar.com; style-src 'unsafe-inline' 'report-sample' 'self' https://cdn.clearbit.com https://*.commandbar.com https://fast.appcues.com https://fonts.googleapis.com; object-src 'none'; base-uri 'self'; connect-src 'self' https://api.amplitude.com https://*.commandbar.com https://api.segment.io https://checkout.stripe.com https://rs.fullstory.com https://www.google-analytics.com wss://api.appcues.net https://stats.g.doubleclick.net https://sentry.io https://logo.clearbit.com; font-src 'self' https://fonts.gstatic.com; frame-src 'self' https://*.commandbar.com https://checkout.stripe.com; img-src 'self' https://*.commandbar.com https://*.stripe.com data: https://cdn.clearbit.com https://images.ctfassets.net https://logo.clearbit.com https://www.facebook.com https://connect.facebook.net https://www.google.com https://unpkg.com/react-flag-kit https://cloudfront.net/v1/avatars https://*.googleusercontent.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
access-control-allow-credentials: true
content-type: application/json

GET
H2 200 netenrich.com.json Show response
script.crazyegg.com/pages/data-scripts/0099/8170/sampling/ 160 B
240 B 86ms
85ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0099/8170/sampling/netenrich.com.json?t=477325
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/803bc61c3181ac1ae3c1fb621bdd8261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 263e6affb17b38da67905afbd164824935e48fefa8d1e0d18e277768099f4477

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 9673
ce-version: 11.5.221
content-length: 148
last-modified: Fri, 14 Jun 2024 10:29:38 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 893a901c8c819bc4-FRA

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
461 B 437ms
40ms XHR
application/json 13.35.58.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/803bc61c3181ac1ae3c1fb621bdd8261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-27.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P10
age: 23196445
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: VB0UPOCRG4YQ4I1tpA-Gb2UdklbYzcrhUV4xc0uqiFLytn0I391ZIA==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
460 B 143ms
39ms XHR
application/json 18.66.122.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/803bc61c3181ac1ae3c1fb621bdd8261.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-45.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 20 Dec 2023 01:23:29 GMT
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 15335243
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: 2VsF0Xe5l1t-46pfZnQFssWuMuvhqe7R0-assbnTwpieXD4rARN7Ig==

GET
BLOB 200
OK 38e652cb-997c-4d73-aedc-2968e3a0face
https://netenrich.com/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://netenrich.com/38e652cb-997c-4d73-aedc-2968e3a0face
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 140ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0ZKNG63YVT&gtm=45je46c0v869853017za200&_p=1718370649916&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dZTQ1Zm&cid=583891924.1718370652&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=1&sid=1718370650&sct=1&seg=0&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&dt=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2688&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0ZKNG63YVT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 13:10:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://netenrich.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 43ms
42ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1109741710&t=pageview&_s=1&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&ul=de-de&de=UTF-8&dt=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aBgAAAABEAAAAAAAIk~&cid=583891924.1718370652&tid=UA-169611029-1&_gid=732133242.1718370652&gtm=45He46c0n81MKFBWW5v830664036za200&gcs=G100&gcd=13p3p3p2p5&dma_cps=-&dma=1&tag_exp=0&npa=1&z=506637156

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 13 Jun 2024 15:14:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78982
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 169ms
81ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&tag_exp=0&rnd=394339813.1718370652&url=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&dma_cps=-&dma=1&npa=1&gtm=45He46c0n81MKFBWW5v830664036za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 13:10:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 85ms
85ms Script
application/javascript 2620:1ec:29:1::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/42oln8temh?ref=gtm2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:29:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:51 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240614T131051Z-15f57b858d4dlpg6f4skruvx7000000001dg000000001k05
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 3b2d0378-601e-0050-1f7f-bdec8b000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
277 B 724ms
303ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://netenrich.com
Date: Fri, 14 Jun 2024 13:10:52 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

GET
H2 200 clock Show response
tracking.crazyegg.com/ 38 B
145 B 206ms
74ms XHR
text/plain 34.248.94.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1718370652122&tk=1d0f90711c001cd9bf03498991113cee&s=367242&p=%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&u=998170&v=89140086829eb3332f62e162e24f84d9d681860c&f=netenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&ul=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/803bc61c3181ac1ae3c1fb621bdd8261.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.94.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-94-5.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 389c136f8921c6c1c1787676ba4e31b4d3dd4eed0e57adf51a0f8c4b27fb972d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 14 Jun 2024 13:10:52 GMT
cache-control: no-store
server: awselb/2.0
content-length: 38
content-type: text/plain

GET
H2 200 dda53996456118190a640875fa0663b1.js Show response
script.crazyegg.com/pages/versioned/trackingpagestate-scripts/ 20 KB
8 KB 58ms
57ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/trackingpagestate-scripts/dda53996456118190a640875fa0663b1.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0099/8170.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:52 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jun 2024 18:23:06 GMT
server: cloudflare
age: 70066
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 893a90214a912c23-FRA

GET
BLOB 200
OK a93297f3-58ab-444a-902f-6288665ec8a4
https://netenrich.com/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://netenrich.com/a93297f3-58ab-444a-902f-6288665ec8a4
Requested by: Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a377ae48aa2433faeb6e0a94551bdcb4fb44da7e202acb3a69cafc0cbc805874

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

GET
H2 200 556f7559f794c4b7f3fa7753ad882b97.js Show response
script.crazyegg.com/pages/versioned/tracking-scripts/ 95 KB
30 KB 57ms
56ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/tracking-scripts/556f7559f794c4b7f3fa7753ad882b97.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0099/8170.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec688b269aa77744428bb41565d2b49b9fa83e868dc62a713359605a9ba65b51

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:52 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 06 Jun 2024 18:23:04 GMT
server: cloudflare
age: 70065
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
cf-ray: 893a9021ab142c23-FRA

GET
H3 200 counters.gif
perf-na1.hsforms.com/embed/v3/ 35 B
580 B 217ms
217ms Image
image/gif 104.18.80.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf-na1.hsforms.com/embed/v3/counters.gif?key=interactive-shown&value=1

Requested by

Host: netenrich.com
URL: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.80.204 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 1bbd3795-fe28-4407-a255-9aa52b65da38
x-envoy-upstream-service-time: 17
alt-svc: h3=":443"; ma=86400
content-length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 1bbd3795-fe28-4407-a255-9aa52b65da38
last-modified: Fri, 14 Jun 2024 13:10:52 GMT
server: cloudflare
vary: origin, Accept-Encoding
content-type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-9fd6b4b-fj6v4
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 893a90231c56bf25-WAW

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
192 B 229ms
229ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Accept: *
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1B77AE70E5E547BF84920B6424B2FC96 Ref B: FRAEDGE1122 Ref C: 2024-06-14T13:10:52Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://netenrich.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYa2Vhab3d0sseHZRfSNg==

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
871 B 242ms
242ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=128884&pi=131497384969&ct=blog-post&ccu=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cpi=131497384969&cgi=333284061&lpi=131497384969&lvi=131497384969&lvc=en&pu=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&t=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&cts=1718370652870&vi=46ac73846210f8b7ce9c375d66591f53&nc=true&u=64409904.46ac73846210f8b7ce9c375d66591f53.1718370652863.1718370652863.1718370652863.1&b=64409904.1.1718370652863&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: d0fd84ef-8a09-4787-b124-06fadf9b7547
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 15
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: d0fd84ef-8a09-4787-b124-06fadf9b7547
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=miiZdQRHzpaZ%2BLXqdlHUufRLILvzm3PYKVZH92Ijaff8vlsQNeoGadc5%2F6yjWjFOeJlqstUMyaxDT0Bgo1OFAeI80wLwPFoLAJN0blRgH6qpCexzTgUXdAXnlW9ugSeC6VSYQ%2FccX2kLv6G6kwQF"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-xnssc
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 893a902499df4d28-FRA
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
912 B 198ms
198ms Image
image/gif 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=2cdeda77-b5d1-4d8e-9b86-d734e175d511&fci=fc9c1865-2229-406f-8fdb-58e4aa030c27&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-de&bfp=3598200494&v=1.1&a=128884&pi=131497384969&ct=blog-post&ccu=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&cpi=131497384969&cgi=333284061&lpi=131497384969&lvi=131497384969&lvc=en&pu=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&t=Identifying+ADHUBLLKA+Ransomware%3A+LOLKEK%2C+BIT%2C+OBZ%2C+U2K%2C+TZW+Variants&cts=1718370652874&vi=46ac73846210f8b7ce9c375d66591f53&nc=true&u=64409904.46ac73846210f8b7ce9c375d66591f53.1718370652863.1718370652863.1718370652863.1&b=64409904.1.1718370652863&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 9c9c1a5f-6c54-4215-bf58-a77d8cf9aa60
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 9c9c1a5f-6c54-4215-bf58-a77d8cf9aa60
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lkVhaTH6dDl69UUpCd629rrH7H3H19cr%2Fkh%2BSjXpP6tK%2B5MFb%2Fr%2F5z9l2I3jrLFx2RRC1Z6GzqPUR4Rxgje4KxbissjugMUUYzBCQLHmOAYfg8tHwFwry49QqGnj6JfTKaqFDdnd%2BUVGs42rWt8"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-76d96f8b5d-qz296
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 893a9024a9eb4d28-FRA
x-robots-tag: none

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FF36ADD20D874F7DB4D34C8DA168A22A&RedC=c.clarity.ms&MXFR=054338FC177D66AE3F4B2C62137D6884
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FF36ADD20D874F7DB4D34C8DA168A22A&MUID=102A0587D9E06E370CBD1119D86B6F21

42 B
464 B

58ms
57ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FF36ADD20D874F7DB4D34C8DA168A22A&MUID=102A0587D9E06E370CBD1119D86B6F21
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 13:10:53 GMT
last-modified: Fri, 01 Mar 2024 22:54:48 GMT
server: Microsoft-IIS/10.0
etag: "3e26b762b6cda1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 14 Jun 2024 13:10:52 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 706F65AC9D8D47B6BB279C8566EB7F4E Ref B: FRA31EDGE0210 Ref C: 2024-06-14T13:10:53Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FF36ADD20D874F7DB4D34C8DA168A22A&MUID=102A0587D9E06E370CBD1119D86B6F21
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
DATA 200
OK truncated
/ 371 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 126f3dcbd089125cb9ced50c741a5f3c179321e3d0e31bc276c2df2b097da34c

Request headers

Referer
Origin: https://netenrich.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 76ms
73ms Script
application/javascript 216.58.212.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-169611029-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MKFBWW5

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f136.1e100.net

Software

Google Tag Manager /

Resource Hash

24c01da4a71fde8dd2e1687c503ac99aa07b01e8f5d441d2a732c139fb2776c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 13:10:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72415
x-xss-protection: 0
last-modified: Fri, 14 Jun 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jun 2024 13:10:52 GMT

GET
H3 200 Icon-Color.svg
netenrich.com/hubfs/logos/brand-logo/tiny-svg/ 185 B
2 KB 98ms
98ms Other
image/svg+xml 104.18.29.212
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://netenrich.com/hubfs/logos/brand-logo/tiny-svg/Icon-Color.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.29.212 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af350d0630a25e840a60ff1910bd902023ca47b861dc0ccf18ef28e9d96a8be8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
x-amz-meta-cache-tag: F-169374381947,FD-107369597565,P-128884,FLS-ALL
age: 15989
x-amz-request-id: TAFDBXMVB815VEKW
x-amz-server-side-encryption: AES256
edge-cache-tag: F-169374381947,FD-107369597565,P-128884,FLS-ALL
x-amz-replication-status: PENDING
x-hs-cf-lambda: us-east-1.EnforceAclForReads 3
x-amz-meta-access-tag: public-indexable
etag: W/"84e891cb84a069e14067b3141d880989"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
x-amz-meta-created-unix-time-millis: 1717486841998
cache-control: s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag: all
x-hs-cf-lambda-enforce: us-east-1.EnforceAclForReads 3
date: Fri, 14 Jun 2024 13:10:52 GMT
strict-transport-security: max-age=31536000
via: 1.1 b08e1d433d62b5ab056680968a8cc7ea.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id: l1ISg8.oWB9a8Oj4QE2NB0AYa4Qfc91T
x-amz-cf-pop: FRA60-P7
x-hs-alternate-content-type: text/plain
x-cache: RefreshHit from cloudfront
cache-tag: F-169374381947,FD-107369597565,P-128884,FLS-ALL
x-amz-meta-index-tag: all
x-amz-storage-class: INTELLIGENT_TIERING
alt-svc: h3=":443"; ma=86400
x-amz-id-2: hi41EpDlZoX2cgPQl2WBTqTh9gX1y2ZuSedHrXiESp84ZgjtkTMTKVuIcUwHDlbM9nGDMOJvbiU=
last-modified: Tue, 04 Jun 2024 07:40:43 GMT
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ztz8J904F6J5F7P1ClT4%2BHjR7uQw8ho5SJ11bqZ%2BdbUp%2BPUpjvYThhe6%2FIn7nbbTfombSR%2Fruca1p6awVtrBTrjqc33Qrq4gMSYB64M40z2IIE7ueLZirCR%2BZqCO%2Bg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 893a9024be2cbf51-WAW
timing-allow-origin: d8fk70yj6xfhx.cloudfront.net
x-amz-cf-id: nntV8xiXmQHIKF-EULuET252SylwCzH2TzjdKn4UE-KUhKzfYegE1w==

POST
H/1.1 204
No Content collect Show response
x.clarity.ms/ 0
277 B 129ms
128ms XHR
text/plain 20.114.190.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://x.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://netenrich.com
Date: Fri, 14 Jun 2024 13:10:53 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78

POST
H3 402 collect
scatec.io/ 21 B
40 B 151ms
151ms Ping
text/plain 34.120.116.101
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://scatec.io/collect

Requested by

Host: scatec.io
URL: https://scatec.io/t/app.js?id=e7e2c29a-fb48-47e3-97d3-fe4bdab50350&mode=gtm-template

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.116.101 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

101.116.120.34.bc.googleusercontent.com

Software

Resource Hash

a137aa6f1c4d93d3b102967fec9732f985f310cbceefc12d4f4f4a3f928adfa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 14 Jun 2024 13:10:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
content-length: 21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169611029-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 14 Jun 2024 12:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2502
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 14 Jun 2024 14:29:08 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 216.58.206.46
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1109741710&t=pageview&_s=1&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&ul=de-de&de=UTF-8&dt=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aBgAAQABEAAAAAAAIk~&cid=583891924.1718370652&tid=UA-169611029-1&_gid=1489062886.1718370654&gtm=457e46c0za200&gcs=G100&gcd=13p3p3p2p5&dma_cps=-&dma=1&tag_exp=0&did=dZTQ1Zm&gdid=dZTQ1Zm&jsscut=1&npa=1&z=1832625564

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.46 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 11:40:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5423
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 no-auth
app.hubspot.com/api/usage-logging/v1/log/hublytics-multi/ 2 B
1 KB 196ms
193ms Ping
application/json 2606:4700::6810:7674
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.hubspot.com/api/usage-logging/v1/log/hublytics-multi/no-auth?clientSendTimestamp=1718370654823&dil=true

Requested by

Host: js.hubspot.com
URL: https://js.hubspot.com/ut-js/cdn.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7674 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 14 Jun 2024 13:10:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 7259da78-6906-4f9d-9a97-2f6e71d02baf
x-envoy-upstream-service-time: 24
server-timing: hcid;desc=7259da78-6906-4f9d-9a97-2f6e71d02baf
content-length: 2
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 7259da78-6906-4f9d-9a97-2f6e71d02baf
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://netenrich.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5d47c8d44f-qnkzx
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound
access-control-max-age: 604800
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AHFXOV%2BUQlaw9Pptl3ea9yFJYZX45amcamfYQWTtQhTIEggnwW2ptZcRNsGmblW%2FJ%2FHDA9%2BA37aeKy9buAKP%2FqqjVBnSCg4%2Fggun%2BLPTTpFoOZ06PZX62vuo4%2BSR1sopsBpaLZn%2FZMUGxNJKcA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 893a9030cd5a4d28-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, X-HubSpot-Static-App-Info, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId
timing-allow-origin: *

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 49ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-0ZKNG63YVT&gtm=45je46c0v869853017z8830664036za200&_p=1718370649916&gcs=G100&gcd=13p3pPp2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&gdid=dZTQ1Zm&cid=583891924.1718370652&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.55%7CGoogle%2520Chrome%3B126.0.6478.55&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AAAC&_s=2&sid=1718370650&sct=1&seg=1&dl=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&dt=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&en=page_view&ep.false=true&_et=5&tfd=7715&_z=sendBeacon
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0ZKNG63YVT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://netenrich.com/blog/discovering-the-adhubllka-ransomware-family
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 14 Jun 2024 13:10:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://netenrich.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hsforms.com/	1970-01-20 21:19:32	Name: __cf_bm Value: M0mqv8W0QQyzP4SivQKGAC8uzXNIk3JPNVkSnaTwYtI-1718370650-1.0.1.1-48Mx4ljbZqZGE48hvw4BPgM4Fx2vvKzWIDQEJYc4p8m24aDlNL62eRuJnZf6tCDjvX7H5519khnuLCMhdOLpcw
.hsforms.com/	1969-12-31 23:59:59	Name: _cfuvid Value: lgcH1JZRXT1sHcWzcrdJTckSPukgkme1LTBLcPmOBm4-1718370650783-0.0.1.1-604800000
.netenrich.com/	1970-01-20 23:29:06	Name: _fbp Value: fb.1.1718370650867.84471780955259272
.netenrich.com/	1970-01-21 06:05:06	Name: _lfa Value: LF1.1.ffb21a942455c81e.1718370650926
.netenrich.com/	1970-01-21 06:05:06	Name: _cat Value: CAT1.2.19850123.1718370650953
.ws.zoominfo.com/	1970-01-21 06:05:06	Name: visitorId Value: 04890811ae19eeacf76a090510b12ea1a4f94dafb740f318a345525b769399e6
.zoominfo.com/	1970-01-20 21:19:32	Name: __cf_bm Value: U.hJ4QTvYj_deVtGkjig5pebKOXpXJ8s9JLHSqn17no-1718370651-1.0.1.1-cj5s2H90RvuyjrvX2ILQ5BtQ6vT3CkDgg1.FOBvM0qZvNlx_CJiOdrI4YIv0MvefCOrDn86RSPQA61R_WG0N_g
.zoominfo.com/	1969-12-31 23:59:59	Name: _cfuvid Value: ofGkQikY7aJ6TU__OjiehUdTLNC2yA3ix6mRLNTWmrw-1718370651092-0.0.1.1-604800000
.netenrich.com/	1970-01-21 01:38:42	Name: messagesUtk Value: 439a2b43cc594395a5e14766951f95b1
.netenrich.com/	1970-01-21 06:05:06	Name: cb_user_id Value: null
.netenrich.com/	1970-01-21 06:05:06	Name: cb_group_id Value: null
.netenrich.com/	1970-01-21 06:05:06	Name: cb_anonymous_id Value: %228a628b7f-76f3-4c67-a40c-b9cada72167a%22
.linkedin.com/	1970-01-20 23:29:06	Name: li_sugr Value: 07533ea4-c73c-4c37-a553-4fe3f3c3e9f4
.linkedin.com/	1970-01-21 06:05:06	Name: bcookie Value: "v=2&eb33e8ba-18b7-4106-8aad-0874ba4be1d2"
.linkedin.com/	1970-01-20 21:20:57	Name: lidc Value: "b=OGST08:s=O:r=O:a=O:p=O:g=2897:u=1:x=1:i=1718370651:t=1718457051:v=2:sig=AQHMjILMX4dFOyy7TdDUG3pplm0aGadt"
.netenrich.com/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.netenrich.com/	1969-12-31 23:59:59	Name: cebs Value: 1
www.clarity.ms/	1970-01-21 06:05:06	Name: CLID Value: dbf256c900064a899cb777e21317256d.20240614.20250614
.netenrich.com/	1970-01-21 06:05:06	Name: _clck Value: 1ehrn8b%7C2%7Cfmm%7C0%7C1626
.linkedin.com/	1970-01-20 22:02:42	Name: UserMatchHistory Value: AQIivrswc2qCkQAAAZAW305qSDlbUK5t2RoD1KLwLtB4ycLSAjxzO2WwAmHbBCfwpJFTNMdzWl_Kjw
.linkedin.com/	1970-01-20 22:02:42	Name: AnalyticsSyncHistory Value: AQL9LCahFwgF3gAAAZAW305qYTGIgOLL1psQX4RqHal2Q3WUsuek8Iv53_4026GVOuWgRTHmUi_J9286rGnuNA
.www.linkedin.com/	1970-01-21 06:05:06	Name: bscookie Value: "v=1&2024061413105141c2aac3-1c69-4c9f-805d-8011836229b2AQFmAhzyF-V44HXDR-6xW1sNglLUhSbp"
.linkedin.com/	1970-01-21 01:38:42	Name: li_gc Value: MTswOzE3MTgzNzA2NTE7MjswMjECJbmrI8z6BLNHg3MWPri8SlGKe2SyRv6u0gVlULt4Sw==
.netenrich.com/	1970-01-20 21:20:57	Name: _ce.clock_event Value: 1
.netenrich.com/	1970-01-20 21:20:57	Name: _ce.clock_data Value: 32%2C80.255.7.107%2C1%2Cf1f6b29a6cc1f79a0fea05b885aa33d0%2CChrome%2CDE
.netenrich.com/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.netenrich.com/	1970-01-21 06:05:06	Name: _ce.s Value: v~89140086829eb3332f62e162e24f84d9d681860c~lcw~1718370652338~lva~1718370651678~vpv~0~v11.cs~367242~v11.s~86c14210-2a4f-11ef-8d61-d78ce660afe3~lcw~1718370652338
.hs-sites.com/	1969-12-31 23:59:59	Name: __cfruid Value: afbb5b0bacf470da2c3bcf747cd464277ce6c5dc-1718370652
.netenrich.com/	1970-01-20 21:20:57	Name: _clsk Value: smk75q%7C1718370652707%7C1%7C1%7Cx.clarity.ms%2Fcollect
netenrich.com/	1970-01-21 01:38:42	Name: __hstc Value: 64409904.46ac73846210f8b7ce9c375d66591f53.1718370652863.1718370652863.1718370652863.1
netenrich.com/	1970-01-21 01:38:42	Name: hubspotutk Value: 46ac73846210f8b7ce9c375d66591f53
netenrich.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
netenrich.com/	1970-01-20 21:19:32	Name: __hssc Value: 64409904.1.1718370652863
.netenrich.com/	1970-01-20 21:19:32	Name: __cf_bm Value: tWpd7Q_MDfvgaDz9aIQjIEfZF_hGU8qro1UJbe0SmrE-1718370652-1.0.1.1-OLswzMU.jAln5WnXR4XPiyvm4CntudCIJRHfmEOO0czlp1y7r2jz6ClJz2dhkO1U_O7zAFThQORC6pEcIy9yMg
.netenrich.com/	1969-12-31 23:59:59	Name: __cfruid Value: 5e84d514650737ab1f3db29aab5cf4587c1d2fb0-1718370652
.bing.com/	1970-01-21 06:41:06	Name: MUID Value: 102A0587D9E06E370CBD1119D86B6F21
.c.bing.com/	1970-01-20 21:29:35	Name: MR Value: 0
.c.bing.com/	1970-01-21 06:41:06	Name: SRM_B Value: 102A0587D9E06E370CBD1119D86B6F21
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 06:41:06	Name: MUID Value: 102A0587D9E06E370CBD1119D86B6F21
.c.clarity.ms/	1970-01-20 21:29:35	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:19:31	Name: ANONCHK Value: 0
.hubspot.com/	1970-01-20 21:19:32	Name: __cf_bm Value: CZgKijYx0nKakx7eKZ_VbCt52iJqsJxzBAawqrRUr6o-1718370655-1.0.1.1-pUVkmCeQZKkz08642rsbQxuzh51X3JMCCTHYZ_5EVieKo4ihPpTkD8ToQyVDulGcD98NxxzVLhpelavo_1UQaA
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: AiBAJWUk6sZX2SK178.ceWF.qSfyNcHkz57zqrctJHY-1718370655911-0.0.1.1-604800000

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://scatec.io/collect?event=pageview&timestamp=1718370650955&campaignId=e7e2c29a-fb48-47e3-97d3-fe4bdab50350&clientId=CAT1.2.19850123.1718370650953&title=Identifying%20ADHUBLLKA%20Ransomware%3A%20LOLKEK%2C%20BIT%2C%20OBZ%2C%20U2K%2C%20TZW%20Variants&location=https%3A%2F%2Fnetenrich.com%2Fblog%2Fdiscovering-the-adhubllka-ransomware-family&sessionId=78ccd9e8-49b8-4ba3-8654-75891d4872ea Message: Failed to load resource: the server responded with a status of 402 ()
network	error	URL: https://scatec.io/collect Message: Failed to load resource: the server responded with a status of 402 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

128884.fs1.hubspotusercontent-na1.net
128884.hs-sites.com
39666904.fs1.hubspotusercontent-na1.net
api-na1.hubapi.com
app.clearbit.com
app.hubspot.com
assets-tracking.crazyegg.com
c.bing.com
c.clarity.ms
cdn2.hubspot.net
connect.facebook.net
cta-service-cms2.hubspot.com
fonts.googleapis.com
fonts.gstatic.com
forms-na1.hsforms.com
forms.hscollectedforms.net
forms.hsforms.com
js.hs-analytics.net
js.hs-banner.com
js.hscollectedforms.net
js.hubspot.com
js.usemessages.com
netenrich.com
pagead2.googlesyndication.com
pagestates-tracking.crazyegg.com
perf-na1.hsforms.com
platform.linkedin.com
platform.twitter.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
sc.lfeeder.com
scatec.io
script.crazyegg.com
snap.licdn.com
static.hsappstatic.net
static.hubspot.com
syndication.twitter.com
tag.clearbitscripts.com
tr-rc.lfeeder.com
track.hubspot.com
tracking.crazyegg.com
unpkg.com
ws.zoominfo.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.linkedin.com
x.clarity.ms
x.clearbitjs.com
104.16.118.43
104.18.29.212
104.18.80.204
104.18.88.62
104.19.175.252
104.244.42.8
13.107.42.14
13.35.58.27
157.240.0.6
18.158.205.16
18.239.83.66
18.66.122.45
20.114.190.119
2001:4860:4802:34::36
216.58.206.46
216.58.212.136
216.58.212.162
2600:9000:2250:ac00:4:d7e1:700:93a1
2600:9000:2670:8800:7:d7d6:3c40:93a1
2606:2800:233:66b5:799a:7cd3:f74d:7071
2606:2800:234:59:254c:406:2366:268c
2606:4700:4400::6812:22e5
2606:4700:4400::6812:297c
2606:4700:4400::ac40:9284
2606:4700::6810:4e8e
2606:4700::6810:6efe
2606:4700::6810:7574
2606:4700::6810:7674
2606:4700::6811:af5b
2606:4700::6811:afc9
2606:4700::6811:f8cb
2606:4700::6812:1dd4
2606:4700::6812:f36c
2606:4700::6813:9408
2620:1ec:21::14
2620:1ec:29:1::45
2620:1ec:c11::237
2a00:1450:4001:80b::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200a
2a02:26f0:3100::1735:2823
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.127.196.46
34.120.116.101
34.248.94.5
68.219.88.97
0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8
043cfebfa4ec302e0368eadbae54853a5b6caff633b3d1e02a32f2cd2f71e1fd
04bcf4dcb045d57f040ae091c4359ad66819cca73b3a6307b0e13ff63f91afd9
089a2a4f2d6b7ba7a035e27acb41b1789cb3b1f5fd165d8bd54ddee7dcab4f12
0db2b8a5378da25cdcada19dc2492b0b5e215f5eb9c7f1131db607be9aaf8bb1
10bcc81da88bb60d7f0b8df32d4bc7953268fb4d44e9a9d8aca98c020c579c10
115c7f3cf61e4ec19070b9e59e20e78756d39d193eb9b544065059b9935d2491
11704397b6749e8c42e63f30a4821859a11a4dc9e36083f9e842fb6fdaa5b139
126f3dcbd089125cb9ced50c741a5f3c179321e3d0e31bc276c2df2b097da34c
12ba54a7acc0e192734c0985cfd00c04f3447c19ddffc9619b67cac107456f57
151a1622b0d73e0fe3a2f7ccf20f20a4b2b6b5b6878ebec7de8b06b77d89aa12
151fbdbb420761759cb84fb37f0765faaa24dd3a10cdb7ff54f9029a8f92c1d0
159f484481abdd54f0202ef89ba14fb80c4497ee19a2cd7d3547502aa108ed44
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
24c01da4a71fde8dd2e1687c503ac99aa07b01e8f5d441d2a732c139fb2776c9
263e6affb17b38da67905afbd164824935e48fefa8d1e0d18e277768099f4477
26b089bae9a21fc8b11a5e96c9be00be08dbb83b8ee88721845c18f682f9c7d1
2a89c8b374ed1c8906af70baa4a0f75993a4a43aa7545786598cf820e4d02517
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
3305eba930cdb81a9e972a226ad23973429e7726f2e9f5e7669b6c910372b853
389c136f8921c6c1c1787676ba4e31b4d3dd4eed0e57adf51a0f8c4b27fb972d
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45e407b3b8e70ff049f5b227099572a1560572859d6add8d56f10ca2e718dc0d
482246d76f3af4849f6dc64b57bf5822df1d4ce0920823caa7b45f8a1a48bf99
4adb7831865a2a887ca2cac64fcbb9715c01e7f3bae951cf9f6df7df7e312559
4be4f6ed26b8f23b29021f8d73dfd1607e88e221a17721774f6d8506fc87bca5
4e11c5e343207d11c5d88db4a5e6ed9d1bec922ff9a3b40b8631fdef84b6a969
4f2b1d32241758db7748beef6f79403c974a780b30aef31fc2c5599bc5c9bae1
53a3dc763a0bd679523a77f5610e4ab27231fe6763d7089c1c92966daa1663f7
54c646a9f2c8d222be1292c26771328e9064cb23de26e771a493644987600361
557b46264c328526d35d55e8c2c02840b73a5deab11d88f6b34710919dea3725
58e0026622999c60893e5e51b4d02705bca759c705542aa4046620d834b1fd09
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5c71736af0ebc45a33daae647e8b3dd787e2ad795e1387f8aa779ca20790886a
6442d8f23160f841c939c658df9c64877a67ff6c596a13df125b439bcf73a61f
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
760070c7fa3439c655194fa2ac743c755286e3e538bf8c1fa453ec505e6e8710
7ac3da9cfd5c1a08a07b9b3a69d4baf42d25ff62dcc6b65789b94a770091fe30
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850b7422ac8b0ba4f667db9d1cddc5d760641431268fa9e611220f86f2ef9beb
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
88a328c6eec221c93b11902a17da311aef52be7252081b668d9f3ae716da7394
899d1ec3c095342571d3be2091ec6f984d4cc82390d1f61945c391fa035b00d9
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
8e0b01bc51c5b7d77b118d1fc2252d792616ec08f8b3acc0574b21c2bfaf4d63
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94fdbdeae330fa0e45c9d3d99c58fcae048b5487260e599f3eba73136fffb901
9622886afb58bc121fa8eda9bec810e49beb28c669a43a2d17d02e5da6e8fa95
98dfeb1d061e8788b320a130a84723813efed0b2518921f30b40cc8a09bf8ecf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b65250e68e50a58ea8fd4268909004f60a9e5cf1d0fce02c8346854bef84a5b
9bdadbde2f846fcb4aa12c285bbc113f7f1470f0b5d72dd52671cce3e10ef0a2
9de3a925cbe4406570dcaf58d0ba631f70928f58c0e957766133b461dcdab1a6
a137aa6f1c4d93d3b102967fec9732f985f310cbceefc12d4f4f4a3f928adfa8
a377ae48aa2433faeb6e0a94551bdcb4fb44da7e202acb3a69cafc0cbc805874
a37b5ac02e83d20db0e01006abf5ded9a7cb6a96abb5040bd6539a67facad4e2
a3a045a55ce5bdb56ea57e37b6e25decab1313db2cc462e9c13c29797f2f2dfd
a60abe460a50d7523471f42c084f8b40c42d03d6042dff6d164430fe2b0cb625
a6aa2b4b8e9bffc2525a3df9a517ae89876e34fefde827e5587edd591f16c268
a7132b1dec37b9e44bff9262a86d81a709899270fd6575382926beb840fe0e70
a73bb1792086262e15aeb5c6f75fe36b71875521786fdb578f55248ad9827053
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab4aff40ac5c3a9f740a6434e739d9a55d0f2e6d5f53bb7ec7335db15f63ed46
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae59996935bc4d38092cdfcb128911966ba6dc228867f83eeb77a6bfaf3976f3
af350d0630a25e840a60ff1910bd902023ca47b861dc0ccf18ef28e9d96a8be8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5d40cb1f086e878228e348a6959a27cb804448a8305498e2fb0133e0c40d52d
b92b108d69b5d9696c396c6151c31c058d000bab32a2960daca748adb3650eb2
c1d210077a7d5d787c977cdc515b8020f18ecf90a645f9ca2feb54641235ba78
c5e0a37084a3294633982723e79ddd3af0afa27825d7e3e0b28dd7714594d621
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9c41adbd166375898afd9ddd079181fa831ae8ce6113884d85857d8ff1748f9
cc6feb89fccf3b00229b9c72188394a08b6a773cfebc4b5f17abbd51f858c799
cf3e0ecae28a70c5e010c24c160321243efe54f497d49a6a8f31ca12ee7eb972
d0f37c0ed06bdcb1bad0b97f95ec804a1a0d41ec51ff36e887423e953f68e956
d6e34e980fcc571b82024e51757363f2fd830751342f4ad52c9673013be82f44
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1fa121ced1f32890fe758e7f432921bf704f2412f62326f051f511f4bcc2544
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ef3fcaeea4697a10f7b5a33b4ce73faf3fbb4b614be8d5ded45d85c8097d56
e79ab82e5909071c56baad1b43348ca00a1a53970967f812638c10a449e73bcd
eac58b72aed3883faa3cd723257a86a8c1314c7bcea9d58dbf5b09f9a1bb18dc
eb24743a033792831ff70d2da0f339190c21eb879d8194d7569a358354a091de
eb3df8892e2145862279f895ab3a7c84eac1b1cb72b5358f3c23325ab65ff95a
ec27aafeef48bbed9741946792bdea6ddf5d9f1cbc377fbe1cab6b573adfdf40
ec55540302b7f50421320084c85a660db43bae6f453f7d147c1d46ad4fe9b653
ec688b269aa77744428bb41565d2b49b9fa83e868dc62a713359605a9ba65b51
ed1466b5922a88a97d4192470e36b2c6fcf1cf94e23e3754d44a71877be2f8ae
ed29c38a135cd8575eaa762bc9eaf674c2a546d06bcddcc98df69fd55d533803
ed92c951c39983af4f5fac78a5bab4c390b3faf7c46e2a35256ee38f5443ffa2
ee3184f88b136b6ad521ec8d57fcf138b0c78172ee82e5d8773998bebac6486d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f16a9696b3176614d3fe439def6fd9754fd489877999517b99b3b2f265cb7990
f20fb6328a121a22aab9616a52310c6bab4fd7d683a35e5cacd8afbc236492a4
f826bcac220a5475477ee65fae659b0d8292d038d180a122df67fadb6742ed52
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
fba31c2cd9699431dba47604216525f9bcc0cb1d5980fbae9b19c8b86454d2fc
fc3eb3b3977d5a539871b653bd3e5d50f6a364a17cc3d5beed43fc5928fe1afb

netenrich.com Open in urlscan Pro 2606:4700::6812:1dd4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

134 Requests

95 %HTTPS

58 %IPv6

32 Domains

51 Subdomains

48 IPs

4 Countries

2125 kBTransfer

5393 kBSize

44 Cookies

14 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

netenrich.com Open in urlscan Pro
2606:4700::6812:1dd4 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

95 %
HTTPS

58 %
IPv6

32
Domains

51
Subdomains

48
IPs

4
Countries

2125 kB
Transfer

5393 kB
Size

44
Cookies

134 HTTP transactions
1 data transactions