URL: https://posts.ransomware.live/
Submission: On September 01 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2606:50c0:8000::153, located in United States and belongs to FASTLY, US. The main domain is posts.ransomware.live.
TLS certificate: Issued by R3 on August 23rd 2023. Valid for: 3 months.
This is the only time posts.ransomware.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Count | IP Address | AS Autonomous System
3 | 2606:50c0:800... | 54113 (FASTLY)
5 | 2606:4700::68... | 13335 (CLOUDFLAR...)
5 (1 redirect) | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2001:41d0:404... | 16276 (OVH)
Total: 14 HTTP transactions, 4 IPs

Count | Apex Domain | Subdomains | Transfer
5 | unpkg.com | unpkg.com — Cisco Umbrella Rank: 875 | 76 KB
5 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 320 | 181 KB
3 | ransomware.live | posts.ransomware.live | 603 KB
2 | mousqueton.io | stats.mousqueton.io | 21 KB
Total: 14 HTTP transactions, 4 apex domains

Count | Domain | Requested by
5 (1 redirects) | unpkg.com | posts.ransomware.live
5 | cdn.jsdelivr.net | posts.ransomware.live, cdn.jsdelivr.net
3 | posts.ransomware.live | posts.ransomware.live
2 | stats.mousqueton.io | posts.ransomware.live, stats.mousqueton.io
Total: 14 HTTP transactions, 4 domains

This site contains links to these domains. Also see Links.

Domain
github.com
twitter.com
ransomware.live
www.google.com
www.ransomware.live

Subject | Issuer | Validity | Valid
posts.ransomware.live | R3 | 2023-08-23 - 2023-11-21 | 3 months (crt.sh)
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-05-02 - 2024-05-01 | a year (crt.sh)
stats.mousqueton.io | R3 | 2023-08-28 - 2023-11-26 | 3 months (crt.sh)

This page contains 1 frames:

Primary Page: https://posts.ransomware.live/
Frame ID: 32A26632FFA146B0C831B4C4F2DCD1F2
Requests: 14 HTTP requests in this frame

Page Title

🏴‍☠️ Ransomware Posts

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]+href="[^>]*bootstrap-table(?:\.min)?\.css
  • bootstrap-table(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

14 Requests
93 % HTTPS
100 % IPv6
4 Domains
4 Subdomains
4 IPs
2 Countries
882 kB Transfer
4033 kB Size
2 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://unpkg.com/tableexport.jquery.plugin/tableExport.min.js HTTP 302
  • https://unpkg.com/tableexport.jquery.plugin@1.28.0/tableExport.min.js

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
posts.ransomware.live/
3 MB
593 KB
Document
General
Full URL
https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
2fcf4b41a27781bd8beb80a975b90f56999a3bdb56dfe743b4eb13c56c4bc0b8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
0
cache-control
max-age=600
content-encoding
gzip
content-length
606750
content-type
text/html; charset=utf-8
date
Fri, 01 Sep 2023 13:20:26 GMT
etag
W/"64f1dce4-32c8b3"
expires
Fri, 01 Sep 2023 13:30:25 GMT
last-modified
Fri, 01 Sep 2023 12:45:24 GMT
server
GitHub.com
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-fastly-request-id
4e15e2f6d4ec29aef471cb24ccb265fee6df2429
x-github-request-id
A274:8455:F56A28:FA659C:64F1E519
x-proxy-cache
MISS
x-served-by
cache-fra-eddf8230089-FRA
x-timer
S1693574426.876623,VS0,VE376
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/
160 KB
25 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/css/bootstrap.min.css
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f74b1cf824a89f03554c638e719594c309b4d8a627a758928c0516fa7890ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://posts.ransomware.live/
Origin
https://posts.ransomware.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:20:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10603482
x-jsd-version
5.1.3
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230022-FRA, cache-yyz4535-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"28021-7Ba9Gb9K6bwuIzasQJpQO7varK0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSuyArhQ8QognooRyu2K9M36%2BW2tZCTgdVYE2AqHqXtsjisrL8sNtUYOBxfrMVEyUipVR8cy6F0FJe0VRKO%2BdMqI4dwqkPIlOgOOtxSl4sImVFWUljPA6DOoOUUzxEPJ97vWBwgggvBQELfSToo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7ffdcf845f3c9000-FRA
bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/
72 KB
11 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb18ec4bd71814b4e39a5afc8f98be0eabce2c206e811cc4796c5431665e6174
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.ransomware.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:20:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16519609
x-jsd-version
1.7.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230114-FRA, cache-yyz4544-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"11e37-gaZqnrLenLCs4BvyXVKzdrhY6WA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiBCGmpqLLpKb2Hjt6JNDdMn8patBiiH%2Fchp1Ub2hBtiFnoqwuvj83hI8l3ynvmufK2IgZQotvNeUcejqBCSO7KjRNs5B%2FcB%2F7mreI%2FqbaOOp%2BfhymKhgEsqYpTshUU7O4xTWm65gFdbe85qBlU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7ffdcf84580e9214-FRA
bootstrap-table.min.css
unpkg.com/bootstrap-table@1.20.2/dist/
9 KB
3 KB
Stylesheet
General
Full URL
https://unpkg.com/bootstrap-table@1.20.2/dist/bootstrap-table.min.css
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de534b73197b14a23c4c4204dd8d107be3eabc45086a510a286d8e3eefa718f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.ransomware.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:20:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
8579462
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01G3WWTRK351DSXR9EKT20WPW5-fra
server
cloudflare
etag
W/"2433-41z1R6gEqcZEGGeir5y+ZDuzbak"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ffdcf845cf7048f-FRA
github.png
posts.ransomware.live/
1 KB
2 KB
Image
General
Full URL
https://posts.ransomware.live/github.png
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
953679d05fd97644df588f7d984da6112a586aafb4bfdca1445cb4f968a39f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.ransomware.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-fastly-request-id
e50847bad4aa45f27a71c0c630d44fa16d368aa1
date
Fri, 01 Sep 2023 13:20:26 GMT
via
1.1 varnish
x-cache-hits
0
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
1376
x-served-by
cache-fra-eddf8230089-FRA
last-modified
Fri, 01 Sep 2023 12:45:24 GMT
server
GitHub.com
x-github-request-id
64EA:95D4:FA82CF:FF805C:64F1E518
x-timer
S1693574426.267300,VS0,VE100
etag
"64f1dce4-560"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-origin-cache
HIT
expires
Fri, 01 Sep 2023 13:30:26 GMT
twitter.png
posts.ransomware.live/
8 KB
9 KB
Image
General
Full URL
https://posts.ransomware.live/twitter.png
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:50c0:8000::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
63208ed3e5ad4918d79c6b675f9cd96c91132285d53cecdf38375cb9659bc929

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.ransomware.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-fastly-request-id
06846e5d3e64f6f1c0ad3a8c3999cb8b356e81b1
date
Fri, 01 Sep 2023 13:20:26 GMT
via
1.1 varnish
expires
Fri, 01 Sep 2023 13:30:26 GMT
age
0
x-cache
MISS
x-proxy-cache
MISS
content-length
8618
x-served-by
cache-fra-eddf8230089-FRA
last-modified
Fri, 01 Sep 2023 12:45:24 GMT
server
GitHub.com
x-github-request-id
32A8:DD39:F9EE3C:FEE73F:64F1E519
x-timer
S1693574426.267313,VS0,VE104
etag
"64f1dce4-21aa"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
x-cache-hits
0
jquery.min.js
cdn.jsdelivr.net/npm/jquery/dist/
85 KB
31 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery/dist/jquery.min.js
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.ransomware.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:20:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
11126
x-jsd-version
3.7.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230112-FRA, cache-yyz4548-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"155ed-7khZLR//lS/PBs4LZm7UeFSTr9w"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOcj41cd7aYulzCM%2FCW9OeQZsw0ASM2%2BP0clsRRxw6iR8ihOYTDI7bnLiBcpZdIT7bEy6hGYlIeepuMmbSM3bOc11UyytvoGujD3kK%2FP1zqiBFSQj7OB9lvkzaxUVZrzrUgLHBXhge4YtAmlTnE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7ffdcf8bff429214-FRA
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/
76 KB
24 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.1.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://posts.ransomware.live/
Origin
https://posts.ransomware.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:20:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
14825250
x-jsd-version
5.1.3
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230075-FRA, cache-jnb7027-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"13131-qF5oFiTJGhBqUUwx6s+A3oF7LMM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZFltAZmP0WezssyYHF3MMKCW7vx0p%2Bi5%2Bbv3Et4Cr%2BC%2BD4m9mGfK49jYMEvoDFyaDnwenhyvgJ5Y7Ec5MO79JCk3%2Bgy%2BA5eQ7uhdSSUwGSZBrhMGqmu9StkUSlfDGaxFH0x41N%2FTKqZXAOBpnxw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7ffdcf8c18ef9000-FRA
bootstrap-table.min.js
unpkg.com/bootstrap-table@1.20.2/dist/
131 KB
42 KB
Script
General
Full URL
https://unpkg.com/bootstrap-table@1.20.2/dist/bootstrap-table.min.js
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9504914361145d42a0db190a4d5f83d04deb0021008b5688fbcd3d2c8e5dadd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.ransomware.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:20:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
14261100
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GVZDZBSVPFA0AFJTMHGFPETZ-fra
server
cloudflare
etag
W/"20aeb-3nPIAfWYHhMASuq+zecQ6aWHxKk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ffdcf8c1eee048f-FRA
tableExport.min.js
unpkg.com/tableexport.jquery.plugin@1.28.0/
Redirect Chain
  • https://unpkg.com/tableexport.jquery.plugin/tableExport.min.js
  • https://unpkg.com/tableexport.jquery.plugin@1.28.0/tableExport.min.js
52 KB
18 KB
Script
General
Full URL
https://unpkg.com/tableexport.jquery.plugin@1.28.0/tableExport.min.js
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799bbe386453c75771e55f169c2678a9df42174948be86c7bfd9a456812ef638
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.ransomware.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:20:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
5158430
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H4EPZ1XAEC1635NSQQJADTYE-fra
server
cloudflare
etag
W/"d0c0-7SMem4YivUR+/pDUzUw6RcaC+M4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ffdcf8cf860048f-FRA

Redirect headers

date
Fri, 01 Sep 2023 13:20:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H98DYEDCC7YGHWDARKBAGQ8H-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
506
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/tableexport.jquery.plugin@1.28.0/tableExport.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7ffdcf8c1eef048f-FRA
bootstrap-table-export.min.js
unpkg.com/bootstrap-table@1.20.2/dist/extensions/export/
33 KB
14 KB
Script
General
Full URL
https://unpkg.com/bootstrap-table@1.20.2/dist/extensions/export/bootstrap-table-export.min.js
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ac42439a78ada77cb9d210dc59ed6c54969c280fb167f3514b51ea87a6a3480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.ransomware.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:20:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3385414
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01H63HV4QSYTQZ7P686DW12YFJ-fra
server
cloudflare
etag
W/"85c1-/UYQmIvN60qiLSxCaAAxVvtzFx0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7ffdcf8c1ef0048f-FRA
matomo.js
stats.mousqueton.io/
64 KB
21 KB
Script
General
Full URL
https://stats.mousqueton.io/matomo.js
Requested by
Host: posts.ransomware.live
URL: https://posts.ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:404:200::54e6 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://posts.ransomware.live/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Fri, 01 Sep 2023 13:20:27 GMT
content-encoding
gzip
last-modified
Tue, 01 Aug 2023 20:08:45 GMT
server
nginx
etag
W/"64c9664d-10132"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
expires
Fri, 01 Sep 2023 14:20:27 GMT
bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/
90 KB
91 KB
Font
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/fonts/bootstrap-icons.woff2?30af91bf14e37666a085fb8a161ff36d
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9829fbbcc18407deb28b49dac24d8146981b22b4a4813f1699c7773e80c01b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.2/font/bootstrap-icons.css
Origin
https://posts.ransomware.live
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 13:20:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10916732
x-jsd-version
1.7.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92064
x-served-by
cache-fra-eddf8230020-FRA, cache-yyz4555-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"167a0-ABUDSebr2vJiivnqTlbWsC29o5M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOi86X5UCojBChi%2FCRp4Ym1W%2BQHFoXH8HbsLGyDX66lE2TehAhHaXgEkq6E5qsekGhsu1%2FDzUbsC5%2FyPTEYWZAk5ng7TqstWtSksWBk2QQGhGqXwp%2FiCafb5CE0vGzbyWkkzNU2XP41GvqQ7a6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7ffdcf9eaab51c0f-FRA
matomo.php
stats.mousqueton.io/
0
179 B
Ping
General
Full URL
https://stats.mousqueton.io/matomo.php?action_name=%F0%9F%8F%B4%E2%80%8D%E2%98%A0%EF%B8%8F%20Ransomware%20Posts&idsite=14&rec=1&r=808543&h=15&m=20&s=32&url=https%3A%2F%2Fposts.ransomware.live%2F&_id=647533edf63fe068&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=YJbySK&pf_net=280&pf_srv=383&pf_tfr=44&pf_dm1=1454&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: stats.mousqueton.io
URL: https://stats.mousqueton.io/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:404:200::54e6 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://posts.ransomware.live/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://posts.ransomware.live
date
Fri, 01 Sep 2023 13:20:33 GMT
access-control-allow-credentials
true
referrer-policy
origin
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object | documentPictureInPicture
  • function | $
  • function | jQuery
  • number | uidEvent
  • object | bootstrap
  • function | BootstrapTable
  • object | $jscomp
  • object | _paq
  • object | Piwik
  • object | Matomo
  • object | AnalyticsTracker
  • function | piwik_log

2 Cookies

Domain/Path | Name / Value
posts.ransomware.live/ | Name: _pk_id.14.a3d7, Value: 647533edf63fe068.1693574432.
posts.ransomware.live/ | Name: _pk_ses.14.a3d7, Value: 1