urlscan.io logo urlscan.io
SecurityTrails logo

ransomware.live Open in urlscan Pro
2001:41d0:304:200::3276  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ransomware.live/
Effective URL: https://ransomware.live/
Submission: On July 25 via manual from GB — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 9 domains to perform 47 HTTP transactions. The main IP is 2001:41d0:304:200::3276, located in France and belongs to OVH, FR. The main domain is ransomware.live.
TLS certificate: Issued by R11 on June 15th 2024. Valid for: 3 months.
This is the only time ransomware.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    2001:41d0:304:200::3276 (France)

ASN16276 (OVH, FR)
ransomware.live
12    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
9    2606:4700::6811:f5cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2606:4700:10::6814:686 (United States)

ASN13335 (CLOUDFLARENET, US)
mirrors.creativecommons.org
3    2001:41d0:404:200::54e6 (France)

ASN16276 (OVH, FR)
stats.mousqueton.io
Apex Domain
Subdomains		 Transfer
19 ransomware.live
ransomware.live
1 MB
12 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
77 KB
9 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
10 KB
3 mousqueton.io
stats.mousqueton.io
22 KB
3 creativecommons.org
mirrors.creativecommons.org — Cisco Umbrella Rank: 200595
4 KB
2 gstatic.com
fonts.gstatic.com
57 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
2 KB
0 buymeacoffee.com Failed
cdn.buymeacoffee.com Failed
47 9
Domain Requested by
19 ransomware.live ransomware.live
cdn.jsdelivr.net
12 cdn.jsdelivr.net ransomware.live
cdn.jsdelivr.net
9 unpkg.com 5 redirects ransomware.live
3 stats.mousqueton.io cdn.jsdelivr.net
stats.mousqueton.io
3 mirrors.creativecommons.org ransomware.live
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com cdn.jsdelivr.net
1 cdnjs.cloudflare.com ransomware.live
0 cdn.buymeacoffee.com Failed ransomware.live
47 9

This site contains links to these domains. Also see Links.

Domain
www.buymeacoffee.com
github.com
creativecommons.org
Subject Issuer Validity Valid
ransomware.live
R11		 2024-06-15 -
2024-09-13		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
creativecommons.org
WE1		 2024-07-25 -
2024-10-23		 3 months crt.sh
stats.mousqueton.io
R11		 2024-06-24 -
2024-09-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ransomware.live/
Frame ID: 83F97B9BEEDF33AC993BE3D341DC8569
Requests: 48 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ransomware.live

Page URL History Show full URLs

  1. http://ransomware.live/ HTTP 307
    https://ransomware.live/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

47
Requests

89 %
HTTPS

88 %
IPv6

9
Domains

9
Subdomains

9
IPs

4
Countries

1284 kB
Transfer

1515 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ransomware.live/ HTTP 307
    https://ransomware.live/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://unpkg.com/docsify-footer-enh/dist/docsify-footer-enh.min.js HTTP 302
  • https://unpkg.com/docsify-footer-enh@0.0.9/dist/docsify-footer-enh.min.js
Request Chain 8
  • https://unpkg.com/docsify-scroll-to-top/dist/docsify-scroll-to-top.min.js HTTP 302
  • https://unpkg.com/docsify-scroll-to-top@1.0.2/dist/docsify-scroll-to-top.min.js
Request Chain 13
  • https://unpkg.com/docsify-plugin-flexible-alerts HTTP 302
  • https://unpkg.com/docsify-plugin-flexible-alerts@1.1.1 HTTP 302
  • https://unpkg.com/docsify-plugin-flexible-alerts@1.1.1/dist/docsify-plugin-flexible-alerts.min.js
Request Chain 17
  • https://unpkg.com/docsify-pdf-embed-plugin/src/docsify-pdf-embed.js HTTP 302
  • https://unpkg.com/docsify-pdf-embed-plugin@1.0.8/src/docsify-pdf-embed.js

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ransomware.live/
Redirect Chain
  • http://ransomware.live/
  • https://ransomware.live/
9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
14e0daf90102c0276378ee1dbd5e1754f5636bc5a855d2c38dd7bf9b8e165a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
gzip
content-type
text/html
date
Thu, 25 Jul 2024 07:44:36 GMT
last-modified
Thursday, 25-Jul-2024 07:44:36 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding

Redirect headers

Location
https://ransomware.live/
Non-Authoritative-Reason
HttpsUpgrades
vue.css
cdn.jsdelivr.net/npm/docsify@4/lib/themes/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/docsify@4/lib/themes/vue.css
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1f8ddcde10fe1d9f3ab60de8469ed26f9b09716fb882b225d666d4f62838de2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
21643
x-jsd-version
4.13.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3815
x-served-by
cache-fra-etou8220106-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"3305-HsrB8EFntPbZyD/6mMZgrDn56x4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
style.min.css
cdn.jsdelivr.net/npm/docsify-darklight-theme@latest/dist/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/docsify-darklight-theme@latest/dist/style.min.css
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
882b8ec6d61636be303cac53eeb5b3c87b3c6fc25c63b84afbed43b50e52f2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
28776
x-jsd-version
3.2.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3877
x-served-by
cache-fra-eddf8230047-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"3458-e/dELn/jqUO8kAiPA7J5Y4rXsQk"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
loading.gif
ransomware.live/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ransomware.live/images/loading.gif
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ceefaf137dff178a7730ca66ec81233999908eabcfe954aed7f1e93238e8efe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:36 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
12210
config.js
ransomware.live/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/js/config.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
d7bf708b93030a87f0f15803c82ddc3d7ce1d0db5f06298c52df6295be52fc42
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:36 GMT
server
nginx
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
docsify@4
cdn.jsdelivr.net/npm/ 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/docsify@4
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9123f808d3f6ad736b4a8f99944a611f87c5d4f9328030080a5c029ed5f450a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
18975
x-jsd-version
4.13.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
49766
x-served-by
cache-fra-eddf8230075-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"27498-RXak10KWp03PABdnZAsfvsxfwjg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
docsify-footer-enh.min.js
unpkg.com/docsify-footer-enh@0.0.9/dist/
Redirect Chain
  • https://unpkg.com/docsify-footer-enh/dist/docsify-footer-enh.min.js
  • https://unpkg.com/docsify-footer-enh@0.0.9/dist/docsify-footer-enh.min.js
755 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/docsify-footer-enh@0.0.9/dist/docsify-footer-enh.min.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87320228a2dc5bc09bbe4bcc35af4c71ff847bcb2c50223e96f65d70cc4dc09a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1853642
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J1X5T1W44YF79WKN3Q8RJ9NW-lhr
server
cloudflare
etag
"2f3-DLXkLyLupSvBM9p8941z0jOeMoE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8a86986d98945d-LHR

Redirect headers

date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J3MDCFJ6012HBRHBSZHKSSFN-lhr
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
204
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/docsify-footer-enh@0.0.9/dist/docsify-footer-enh.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8a8a86983d5e945d-LHR
search.min.js
cdn.jsdelivr.net/npm/docsify/lib/plugins/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/docsify/lib/plugins/search.min.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ab20792dc69dfd9cdb19479f716f69a619e577dec452739196770134dd71f297
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
29751
x-jsd-version
4.13.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3404
x-served-by
cache-fra-eddf8230139-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"1fe7-H7rShg7o9AolFkVFh/5vn2YlLL0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
matomo.min.js
cdn.jsdelivr.net/npm/docsify@4/lib/plugins/ 		714 B
639 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/docsify@4/lib/plugins/matomo.min.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
239e1326ef6e4bb7fa0bdd0c60fa7a78d257dbce7861d902348aa5eb5920eb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
22942
x-jsd-version
4.13.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
367
x-served-by
cache-fra-etou8220125-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"2ca-l7R/npKcnVDBHwe4y908z+0Dhsc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
docsify-scroll-to-top.min.js
unpkg.com/docsify-scroll-to-top@1.0.2/dist/
Redirect Chain
  • https://unpkg.com/docsify-scroll-to-top/dist/docsify-scroll-to-top.min.js
  • https://unpkg.com/docsify-scroll-to-top@1.0.2/dist/docsify-scroll-to-top.min.js
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/docsify-scroll-to-top@1.0.2/dist/docsify-scroll-to-top.min.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
529072c12abaa15f1494025d07e3cf3507662e8dd479206cb3d1a447c76728b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
11103401
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HS9GHSDZ0A83QB9HMTKR7YMG-lhr
server
cloudflare
etag
"72c-VHpr7pa2AfNb9XG1D4HYTxw21HE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8a86986d9e945d-LHR

Redirect headers

date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J3MDECQEATA051AFQEGHH5SA-lhr
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
141
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/docsify-scroll-to-top@1.0.2/dist/docsify-scroll-to-top.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8a8a86983d59945d-LHR
index.min.js
cdn.jsdelivr.net/npm/docsify-darklight-theme@latest/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/docsify-darklight-theme@latest/dist/index.min.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb4f8a712b3c869e1676ec7dbd28bbd6f5124756ebc6f9f12fed88e557e27bed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
39722
x-jsd-version
3.2.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
979
x-served-by
cache-fra-eddf8230128-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"a79-613jc2GXb2gvFz2rJWvKG0PGM4o"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
docsify-charty@latest
cdn.jsdelivr.net/npm/@markbattistella/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@markbattistella/docsify-charty@latest
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
10f441009f84e2b2af432897f79daef6ea7f3b2b786331f65779378a96fda04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
8393
x-jsd-version
3.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5138
x-served-by
cache-fra-etou8220087-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"483e-s7wArM61eG+S3B9LWWqNDg4veuc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
docsify-charty.min.css
cdn.jsdelivr.net/npm/@markbattistella/docsify-charty@latest/dist/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@markbattistella/docsify-charty@latest/dist/docsify-charty.min.css
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0084f2449ad38f135552fc3e6fcdac61169577d1747e8876b90d758cd88fa09a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
19574
x-jsd-version
3.0.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1511
x-served-by
cache-fra-eddf8230148-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"18e0-s7DntvbUu7NY6faAbAvMat7Z4+k"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
zoom-image.min.js
cdn.jsdelivr.net/npm/docsify/lib/plugins/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/docsify/lib/plugins/zoom-image.min.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73e70a64af96532474cb43878ef43ad6e450316e37ebcee96b31e6fe4dc8cd43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
34470
x-jsd-version
4.13.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3160
x-served-by
cache-fra-eddf8230095-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"2562-VAd55srW/GaZj8/pcZ7Yc5Goaew"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
docsify-plugin-flexible-alerts.min.js
unpkg.com/docsify-plugin-flexible-alerts@1.1.1/dist/
Redirect Chain
  • https://unpkg.com/docsify-plugin-flexible-alerts
  • https://unpkg.com/docsify-plugin-flexible-alerts@1.1.1
  • https://unpkg.com/docsify-plugin-flexible-alerts@1.1.1/dist/docsify-plugin-flexible-alerts.min.js
9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/docsify-plugin-flexible-alerts@1.1.1/dist/docsify-plugin-flexible-alerts.min.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
683a0c4d4851b4c95d9bb6ffe64c455fb186cb6d6a6a669568b30d90e935ec05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
10808370
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HSJ9XDKR4V68Y3RB7DC3AB6X-lhr
server
cloudflare
etag
"2231-xELRKigaoICUmOt+fDPiViiwIIg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8a8698ade2945d-LHR

Redirect headers

date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J0AFBEK74NPA56CT8G9X4MYH-lhr
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3554911
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/docsify-plugin-flexible-alerts@1.1.1/dist/docsify-plugin-flexible-alerts.min.js
cache-control
public, max-age=31536000
cf-ray
8a8a86986da1945d-LHR
docsify-tabs@1
cdn.jsdelivr.net/npm/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/docsify-tabs@1
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf18d617c2b53f2b407aab6c7c5d5df0e268b74c028b7db039472175ad7a5c92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
28893
x-jsd-version
1.6.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3297
x-served-by
cache-fra-etou8220103-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"2728-i6PBkhJvKr8V94t0K9GbH1UKrc8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
progress.min.js
cdn.jsdelivr.net/npm/docsify-progress@latest/dist/ 		2 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/docsify-progress@latest/dist/progress.min.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6fc8d5044e0ae4ab8f5a58b6bcf466acbd9fbe15cf97b33580cb96fb75a2ac8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
24010
x-jsd-version
1.0.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
771
x-served-by
cache-fra-etou8220130-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"717-67xOZR5s++GDYVOcuJO/UCW71tQ"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
pdfobject.min.js
cdnjs.cloudflare.com/ajax/libs/pdfobject/2.1.1/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/pdfobject/2.1.1/pdfobject.min.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad83d7ddd5eaf0d879df612f092d9fa1ec93826cdb702f2efa70a4feb12d2970
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
47551
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1676
last-modified
Mon, 04 May 2020 16:15:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f88-15a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nr6pJKlvoHlg4vJnjDfLchDjs8xqj5pV31BlsGFv4WZTUZUAHEK%2BYivtiVnwonnepcbNGwwxdu0g1U2TmBZl6pXSJE3wXY1Q2eY0hSaNDD4r7pEotEywG3sSED%2BeJmKzjO3c%2FH1j"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8a8a8697fb486517-LHR
expires
Tue, 15 Jul 2025 07:44:37 GMT
docsify-pdf-embed.js
unpkg.com/docsify-pdf-embed-plugin@1.0.8/src/
Redirect Chain
  • https://unpkg.com/docsify-pdf-embed-plugin/src/docsify-pdf-embed.js
  • https://unpkg.com/docsify-pdf-embed-plugin@1.0.8/src/docsify-pdf-embed.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/docsify-pdf-embed-plugin@1.0.8/src/docsify-pdf-embed.js
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313f6722b365728529bb405932505ca24fdde7e5399630878e11e994d4d0eeae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
10808371
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HSJ9XD1XZCBPSD50G6VQQNS4-lhr
server
cloudflare
etag
"1a5c-ii8PCMIFwkK/HYBJUrOFmaIdBlY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a8a86986d99945d-LHR

Redirect headers

date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
HIT
fly-request-id
01J3MD8P6AZGNZNSEJ22Q7FRHT-lhr
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
329
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/docsify-pdf-embed-plugin@1.0.8/src/docsify-pdf-embed.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8a8a86983d5d945d-LHR
css
fonts.googleapis.com/ 		9 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Mono|Source+Sans+Pro:300,400,600
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4/lib/themes/vue.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4bd8306f993a097b699150446ad58bb237f71fb432d4a6712931c340adcdd1ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.jsdelivr.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jul 2024 07:44:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jul 2024 07:44:37 GMT
css
fonts.googleapis.com/ 		1 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans&Source+Sans+Pro&Roboto+Mono&display=swap
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify-darklight-theme@latest/dist/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b096f186d91b7557ed9e427cc811517095122a29f714bcc902d22580159d2a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn.jsdelivr.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 25 Jul 2024 07:40:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Jul 2024 07:44:37 GMT
README.md
ransomware.live/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/README.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5fd013e69a7529ab2425829d3078213c88e0473d9d94a91c30f74f0c9d563bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
2656
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans&Source+Sans+Pro&Roboto+Mono&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ransomware.live
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 14:52:23 GMT
x-content-type-options
nosniff
age
147134
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 14:52:23 GMT
ransomwarelive.png
ransomware.live/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ransomware.live/ransomwarelive.png
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
3a249ea94200d066172209f9973c42bec56c7c9f5d36c7b9aee290ec023f2e64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
36922
_sidebar.md
ransomware.live/ 		743 B
980 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/_sidebar.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
6941d9113598355d097f2aedb6105eb7997830654ffa8b32f8ddc62ca0b7afb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
743
default-yellow.png
cdn.buymeacoffee.com/buttons/v2/ 		0
0
cc.svg
mirrors.creativecommons.org/presskit/icons/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirrors.creativecommons.org/presskit/icons/cc.svg?ref=chooser-v1
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97111c7c4815658fb79dae4382e2acede7d1de3ffe9a6bdb9872478bee98f840
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 19 Feb 2009 20:07:34 GMT
server
cloudflare
age
1066
etag
W/"499dbc06-a0d"
x-frame-options
deny
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cf-ray
8a8a86999bd7b984-AMS
x-xss-protection
1; mode=block
by.svg
mirrors.creativecommons.org/presskit/icons/ 		2 KB
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirrors.creativecommons.org/presskit/icons/by.svg?ref=chooser-v1
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fabf6080e1e50597f2b81498f84a34261fce42428b65b65c2c69e9de51770b89
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 19 Feb 2009 20:07:33 GMT
server
cloudflare
age
7189
etag
W/"499dbc05-61b"
x-frame-options
deny
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cf-ray
8a8a86999bdcb984-AMS
x-xss-protection
1; mode=block
nc.svg
mirrors.creativecommons.org/presskit/icons/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mirrors.creativecommons.org/presskit/icons/nc.svg?ref=chooser-v1
Requested by
Host: ransomware.live
URL: https://ransomware.live/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:686 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
116e6fd11e7f8ece1572f7baf6c9707db042067b21907b8146faa0d65eca474a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Thu, 19 Feb 2009 20:07:34 GMT
server
cloudflare
age
2212
etag
W/"499dbc06-7c1"
x-frame-options
deny
vary
Accept-Encoding
content-type
image/svg+xml
content-encoding
br
cf-ray
8a8a86999bdab984-AMS
x-xss-protection
1; mode=block
matomo.js
stats.mousqueton.io/ 		66 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.mousqueton.io/matomo.js
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4/lib/plugins/matomo.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:404:200::54e6 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Jul 2024 07:44:37 GMT
content-encoding
gzip
last-modified
Tue, 11 Jun 2024 08:20:31 GMT
server
nginx
etag
W/"666808cf-10784"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
expires
Thu, 25 Jul 2024 08:44:37 GMT
truncated
/ 		411 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6190438113536c5efbdc2d72c450f8531698ac61a6eb4a1432f96189fe91ad62

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
fonts.gstatic.com/s/robotomono/v23/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotomono/v23/L0xuDF4xlVMF-BfR8bXMIhJHg45mwgGEFl0_3vq_ROW4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Mono|Source+Sans+Pro:300,400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
32c8a74ac0816253d69a7cc68a60986d91c77c80fb17101058527bffa45a13ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ransomware.live
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 23:35:56 GMT
x-content-type-options
nosniff
age
115721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12764
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 01:16:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Jul 2025 23:35:56 GMT
recentdiscoveredvictims.md
ransomware.live/ 		54 KB
54 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/recentdiscoveredvictims.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
873a66cab6aad5e5fe477d12bb809e219c9b65570d84e7450e156917045f024f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
55269
country.md
ransomware.live/ 		16 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/country.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
140a5287f73f15ac08c972826fe65afe8390cd239dbc1f5b3d036394b51f32a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
15903
map.md
ransomware.live/ 		131 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/map.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
4a9202bf98a34b71b4b3506bde628575f39081ccda78609be66543abb865558e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
131
recentcyberattacks.md
ransomware.live/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/recentcyberattacks.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
ccb0d0a3b6b7dbab03d8d24bf649e5032558d899810b384e199181e0810f4587
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
40913
status.md
ransomware.live/ 		121 KB
121 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/status.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e93d9d16fca4bd70ea1581a160a005e337bad25138c098b5942cfb5e350f8ef7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
123834
profiles.md
ransomware.live/ 		783 KB
784 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/profiles.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
33a3b98059d6ac471511199a82c9a3783f7fd0d034b2e6c095c1e48c2a15b594
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
801884
ransomnotes.md
ransomware.live/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/ransomnotes.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
4277bac634db2d3711c4c65f05534e3ed1dc702dc7f978b8435491f3342d747a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
4092
negotiations.md
ransomware.live/ 		21 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/negotiations.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
44f7477edafa02d859b82cc8d3f9460694079202e2822a3e9b22e97bebde99eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
21343
cartography.md
ransomware.live/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/cartography.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
aeebedf4ac134f09e90cf0a88f505322fb1a53a35457608ea552b3277a18824c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
1346
stats.md
ransomware.live/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/stats.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
976f5ef3e12b73b5954dc801bae1287cbedae4ebe9ebd5244d6666254644f76a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
1112
about.md
ransomware.live/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/about.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
adcb66f114e1d4eb141c143b9eac64bb2d0e8d01c597fa95657a98ff6b18fff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
5918
disclaimer.md
ransomware.live/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/disclaimer.md
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify@4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
799e0356cfd6c6b99b46f063d34808d136b8437078e7b0e7b69323ad8702bed7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
application/octet-stream
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
1111
moon.svg
cdn.jsdelivr.net/npm/docsify-darklight-theme@latest/icons/ 		279 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/npm/docsify-darklight-theme@latest/icons/moon.svg
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/docsify-darklight-theme@latest/dist/style.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b4e128e64b14f5bf1981d475eb6314e97871b666f28d622fb111b7452c7d2be5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/docsify-darklight-theme@latest/dist/style.min.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 25 Jul 2024 07:44:37 GMT
x-content-type-options
nosniff
content-encoding
br
age
32730
x-jsd-version
3.2.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
192
x-served-by
cache-fra-etou8220078-FRA, cache-ams2100117-AMS
x-jsd-version-type
version
etag
W/"117-pqEgrfK7AAKebOYNfv2JJxSsDOY"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
matomo.php
stats.mousqueton.io/ 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.mousqueton.io/matomo.php?action_name=Ransomware.live&idsite=10&rec=1&r=860998&h=9&m=44&s=37&url=https%3A%2F%2Fransomware.live%2F%23%2F&_id=6f0d3e10e8039a1a&_idn=1&send_image=0&_refts=0&pv_id=xrAsHt&pf_net=81&pf_srv=20&pf_tfr=2&pf_dm1=266&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: stats.mousqueton.io
URL: https://stats.mousqueton.io/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:404:200::54e6 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://ransomware.live
date
Thu, 25 Jul 2024 07:44:37 GMT
access-control-allow-credentials
true
referrer-policy
origin
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon-32x32.png
ransomware.live/icon/ 		3 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ransomware.live/icon/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:304:200::3276 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
893d74922a6c48cd8e24466615c174825399db3a001eddd346b80837a7e6b67d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 25 Jul 2024 07:44:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thursday, 25-Jul-2024 07:44:37 GMT
server
nginx
content-type
image/png
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
accept-ranges
bytes
content-length
2946
matomo.php
stats.mousqueton.io/ 		0
176 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.mousqueton.io/matomo.php?action_name=Ransomware.live%20%F0%9F%91%80%20-%20Ransomware%20Groups%27%20Victims%20Tracking%20%26%20Monitoring&idsite=10&rec=1&r=334954&h=9&m=44&s=37&url=https%3A%2F%2Fransomware.live%2F&_id=6f0d3e10e8039a1a&_idn=0&send_image=0&_refts=0&pv_id=q0avku&pf_net=81&pf_srv=20&pf_tfr=2&pf_dm1=266&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: stats.mousqueton.io
URL: https://stats.mousqueton.io/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:41d0:404:200::54e6 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ransomware.live/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://ransomware.live
date
Thu, 25 Jul 2024 07:44:41 GMT
access-control-allow-credentials
true
referrer-policy
origin
server
nginx
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.buymeacoffee.com
URL
https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| $docsify object| Prism object| Docsify function| DocsifyCompiler function| marked object| CONFIG function| install function| _slicedToArray function| _nonIterableRest function| _iterableToArrayLimit function| _arrayWithHoles function| ownKeys function| _objectSpread function| _defineProperty function| _toConsumableArray function| _nonIterableSpread function| _unsupportedIterableToArray function| _iterableToArray function| _arrayWithoutHoles function| _arrayLikeToArray function| getChartyOptions object| chartyOptions string| charty function| plugin object| PDFObject object| __current_docsify_compiler__ object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log

2 Cookies

Domain/Path Name / Value
ransomware.live/ Name: _pk_id.10.2fe4
Value: 6f0d3e10e8039a1a.1721893478.
ransomware.live/ Name: _pk_ses.10.2fe4
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://cdn.buymeacoffee.com/buttons/v2/default-yellow.png
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.buymeacoffee.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
mirrors.creativecommons.org
ransomware.live
stats.mousqueton.io
unpkg.com
cdn.buymeacoffee.com
104.17.25.14
2001:41d0:304:200::3276
2001:41d0:404:200::54e6
2606:4700:10::6814:686
2606:4700::6811:f5cb
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2003
2a04:4e42:400::485
0084f2449ad38f135552fc3e6fcdac61169577d1747e8876b90d758cd88fa09a
10f441009f84e2b2af432897f79daef6ea7f3b2b786331f65779378a96fda04c
116e6fd11e7f8ece1572f7baf6c9707db042067b21907b8146faa0d65eca474a
140a5287f73f15ac08c972826fe65afe8390cd239dbc1f5b3d036394b51f32a2
14e0daf90102c0276378ee1dbd5e1754f5636bc5a855d2c38dd7bf9b8e165a38
1b096f186d91b7557ed9e427cc811517095122a29f714bcc902d22580159d2a1
1f8ddcde10fe1d9f3ab60de8469ed26f9b09716fb882b225d666d4f62838de2e
239e1326ef6e4bb7fa0bdd0c60fa7a78d257dbce7861d902348aa5eb5920eb5c
313f6722b365728529bb405932505ca24fdde7e5399630878e11e994d4d0eeae
32c8a74ac0816253d69a7cc68a60986d91c77c80fb17101058527bffa45a13ba
33a3b98059d6ac471511199a82c9a3783f7fd0d034b2e6c095c1e48c2a15b594
3a249ea94200d066172209f9973c42bec56c7c9f5d36c7b9aee290ec023f2e64
4277bac634db2d3711c4c65f05534e3ed1dc702dc7f978b8435491f3342d747a
44f7477edafa02d859b82cc8d3f9460694079202e2822a3e9b22e97bebde99eb
4a9202bf98a34b71b4b3506bde628575f39081ccda78609be66543abb865558e
4bd8306f993a097b699150446ad58bb237f71fb432d4a6712931c340adcdd1ff
529072c12abaa15f1494025d07e3cf3507662e8dd479206cb3d1a447c76728b6
6190438113536c5efbdc2d72c450f8531698ac61a6eb4a1432f96189fe91ad62
683a0c4d4851b4c95d9bb6ffe64c455fb186cb6d6a6a669568b30d90e935ec05
6941d9113598355d097f2aedb6105eb7997830654ffa8b32f8ddc62ca0b7afb6
6fc8d5044e0ae4ab8f5a58b6bcf466acbd9fbe15cf97b33580cb96fb75a2ac8f
73e70a64af96532474cb43878ef43ad6e450316e37ebcee96b31e6fe4dc8cd43
799e0356cfd6c6b99b46f063d34808d136b8437078e7b0e7b69323ad8702bed7
87320228a2dc5bc09bbe4bcc35af4c71ff847bcb2c50223e96f65d70cc4dc09a
873a66cab6aad5e5fe477d12bb809e219c9b65570d84e7450e156917045f024f
882b8ec6d61636be303cac53eeb5b3c87b3c6fc25c63b84afbed43b50e52f2e3
893d74922a6c48cd8e24466615c174825399db3a001eddd346b80837a7e6b67d
9123f808d3f6ad736b4a8f99944a611f87c5d4f9328030080a5c029ed5f450a5
97111c7c4815658fb79dae4382e2acede7d1de3ffe9a6bdb9872478bee98f840
976f5ef3e12b73b5954dc801bae1287cbedae4ebe9ebd5244d6666254644f76a
ab20792dc69dfd9cdb19479f716f69a619e577dec452739196770134dd71f297
ad83d7ddd5eaf0d879df612f092d9fa1ec93826cdb702f2efa70a4feb12d2970
adcb66f114e1d4eb141c143b9eac64bb2d0e8d01c597fa95657a98ff6b18fff6
aeebedf4ac134f09e90cf0a88f505322fb1a53a35457608ea552b3277a18824c
b4e128e64b14f5bf1981d475eb6314e97871b666f28d622fb111b7452c7d2be5
bb4f8a712b3c869e1676ec7dbd28bbd6f5124756ebc6f9f12fed88e557e27bed
ccb0d0a3b6b7dbab03d8d24bf649e5032558d899810b384e199181e0810f4587
ceefaf137dff178a7730ca66ec81233999908eabcfe954aed7f1e93238e8efe4
cf18d617c2b53f2b407aab6c7c5d5df0e268b74c028b7db039472175ad7a5c92
d7bf708b93030a87f0f15803c82ddc3d7ce1d0db5f06298c52df6295be52fc42
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93d9d16fca4bd70ea1581a160a005e337bad25138c098b5942cfb5e350f8ef7
f2e8975ed834c578c50d3923ceb26de04d4fa44f74380f45f147585d909a874d
f5fd013e69a7529ab2425829d3078213c88e0473d9d94a91c30f74f0c9d563bd
fabf6080e1e50597f2b81498f84a34261fce42428b65b65c2c69e9de51770b89