ransomwhe.re Open in urlscan Pro
185.199.108.153  Public Scan

7 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ransomwhe.re/	14 KB 4 KB	298ms 135ms	Document text/html	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 3a201d16f31814fe5a46afad718ab02fa6cf02f448796af6a92817ade0d1ef19 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 0 cache-control max-age=600 content-encoding gzip content-length 4072 content-type text/html; charset=utf-8 date Tue, 30 Aug 2022 03:38:24 GMT etag W/"62bf10e6-36c1" expires Tue, 30 Aug 2022 03:48:24 GMT last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com vary Accept-Encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-fastly-request-id 2bce8cd01228fad251385500c2f6de0ee73729f1 x-github-request-id 4E7A:5F10:E749A:116956:630D8630 x-proxy-cache MISS x-served-by cache-hhn4082-HHN x-timer S1661830704.335498,VS0,VE98
GET H2	200	main.css ransomwhe.re/assets/css/	54 KB 8 KB	136ms 133ms	Stylesheet text/css	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/css/main.css Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 6e9f372e7e04d20a4743cd7ebc152701f72ca7dd586324be84cc9c17157c2907 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id b6c5025db079ef902415d787688615ea216b7bc8 date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 8225 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 8232:5C29:13B6080:14B62AA:630D8630 x-timer S1661830704.487758,VS0,VE96 etag W/"62bf10e6-d733" vary Accept-Encoding content-type text/css; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	jquery-ui.min.css ransomwhe.re/assets/css/	31 KB 8 KB	139ms 137ms	Stylesheet text/css	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/css/jquery-ui.min.css Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 61132106cc1dc94b500e18b105b63f6a160e38d6 date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 7920 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id F6D6:6873:DD7C02:E960AC:630D8630 x-timer S1661830704.488015,VS0,VE99 etag W/"62bf10e6-7d4c" vary Accept-Encoding content-type text/css; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	jquery.dataTables.min.css ransomwhe.re/assets/css/	14 KB 2 KB	142ms 141ms	Stylesheet text/css	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/css/jquery.dataTables.min.css Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash b4ab4e65ec55a34c76aaa73c333d009ebfbafbb0be230dc170496a3cf3383007 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 59e1d5233f3294c72c32cd5fca4cad01d42a96cd date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 2164 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 4F0E:A5C5:83E987:8ED127:630D8630 x-timer S1661830704.488122,VS0,VE103 etag W/"62bf10e6-377a" vary Accept-Encoding content-type text/css; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	lock.png ransomwhe.re/assets/images/	2 KB 2 KB	218ms 216ms	Image image/png	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ransomwhe.re/assets/images/lock.png Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 939da648265abd0108d8f70346ea8795ba027e1b2079ba114bea71054a16adc1 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 80ec70c797d0f72a269c5f2a2b8aeae91a8fc08c date Tue, 30 Aug 2022 03:38:24 GMT via 1.1 varnish age 0 x-cache MISS content-length 1578 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 1D3C:ADA4:18E92:1D12C:630D8630 x-timer S1661830705.564350,VS0,VE99 etag "62bf10e6-62a" vary Accept-Encoding content-type image/png access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	pic08.jpg ransomwhe.re/assets/images/	6 KB 6 KB	218ms 216ms	Image image/jpeg	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ransomwhe.re/assets/images/pic08.jpg Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 1d2c1bf62dc7c3c2b265783cb5e9268dc087a1ff611374d9e6035c53f05f80db Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 200a98cafb30009f19a25b274d3c952eba350a6d date Tue, 30 Aug 2022 03:38:24 GMT via 1.1 varnish age 0 x-cache MISS content-length 5889 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 471C:12EAA:775ADE:80CF44:630D8630 x-timer S1661830705.564339,VS0,VE100 etag "62bf10e6-1701" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	pic01.jpg ransomwhe.re/assets/images/	6 KB 6 KB	217ms 215ms	Image image/jpeg	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ransomwhe.re/assets/images/pic01.jpg Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash ea40cf39ecf672754e0dbfbec0cb69306b7d46574352713f9a2132f34c80bfb8 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id b730926a780e7e51eb592490eb56c8543e1d6552 date Tue, 30 Aug 2022 03:38:24 GMT via 1.1 varnish age 0 x-cache MISS content-length 6311 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 521A:54D6:BF95D3:CED9B1:630D8630 x-timer S1661830705.564333,VS0,VE95 etag "62bf10e6-18a7" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	pic04.jpg ransomwhe.re/assets/images/	6 KB 6 KB	217ms 216ms	Image image/jpeg	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ransomwhe.re/assets/images/pic04.jpg Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash cdce5ac5a6cb96f9ed35fa6372f4f54e07d2ffc6f77b2f4e67a8043f0db86050 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id f48ba74858db64c73ec533be3693a303a51efbbd date Tue, 30 Aug 2022 03:38:24 GMT via 1.1 varnish age 0 x-cache MISS content-length 6499 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id FC94:444C:18672EC:199F459:630D8630 x-timer S1661830705.564308,VS0,VE99 etag "62bf10e6-1963" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	pic15.jpg ransomwhe.re/assets/images/	3 KB 3 KB	217ms 215ms	Image image/jpeg	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ransomwhe.re/assets/images/pic15.jpg Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 4a88ccf7a635e9a04c918ba4a855076e47df820aedf59805aa0a6e8c6428320a Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id e289cdad2bcc9dbacc2fb2ad642299cdd5179dc7 date Tue, 30 Aug 2022 03:38:24 GMT via 1.1 varnish age 0 x-cache MISS content-length 2560 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 7DBE:9CF5:188DED7:19D1A40:630D8630 x-timer S1661830705.564294,VS0,VE98 etag "62bf10e6-a00" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	ca_logo_full_dark.png ransomwhe.re/assets/images/	42 KB 43 KB	218ms 216ms	Image image/png	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ransomwhe.re/assets/images/ca_logo_full_dark.png Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 749d3be5eb3d7df5b4287423cad2bc05016e7630fa1f41b4c1a5fb12b20f3d99 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 234e55135cf1d13d19ea36993b779733ca98074c date Tue, 30 Aug 2022 03:38:24 GMT via 1.1 varnish age 0 x-cache MISS content-length 43409 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id CB60:A2B8:1D083E:1EB289:630D8630 x-timer S1661830705.564279,VS0,VE101 etag "62bf10e6-a991" vary Accept-Encoding content-type image/png access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	countup.umd.js Show response ransomwhe.re/assets/js/	9 KB 3 KB	140ms 137ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/countup.umd.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash e8571e43be27932e83b755c32bbbbb761693f9cb33ff02a5a10d00f29637068c Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 4e9a619edd287622827ae3dd5c09846026f0a133 date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 2451 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id FC90:12EAB:E54672:F174FE:630D8630 x-timer S1661830705.527621,VS0,VE100 etag W/"62bf10e6-24a6" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	jquery.min.js Show response ransomwhe.re/assets/js/	86 KB 30 KB	146ms 143ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/jquery.min.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 5e1bbd5e437cc126ada59db73042cfab9513a88a date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 30908 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id A058:54D7:16BB75D:17F4127:630D8630 x-timer S1661830705.528602,VS0,VE101 etag W/"62bf10e6-15851" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	jquery-ui.min.js Show response ransomwhe.re/assets/js/	248 KB 68 KB	331ms 328ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/jquery-ui.min.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id a6c4be33edb5f6ca974ebf8f3e23c3c88f378470 date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 68943 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 6102:5C28:931790:9EEF55:630D8630 x-timer S1661830705.529060,VS0,VE290 etag W/"62bf10e6-3dee5" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	chart.min.js Show response ransomwhe.re/assets/js/	180 KB 63 KB	191ms 188ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/chart.min.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash aa8374f27597b051fe4bd0ad22af7d7b9cb36078a8447b4d07db76ab2d4c4a67 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 1d6619980378e3c02ba723b8bf0a240496f74fb4 date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 64295 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id DF46:6872:663B73:6EFAA9:630D8630 x-timer S1661830705.529198,VS0,VE105 etag W/"62bf10e6-2cefb" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	browser.min.js Show response ransomwhe.re/assets/js/	2 KB 988 B	141ms 138ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/browser.min.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 63572a849a602527e0deeca58b30c53e3d43f07be21b4ba24b30832062da875c Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id a77c814a6127d3a7c6e84d881d46248d7f21c08d date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 831 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id FDB4:11393:62BB78:6B38C5:630D8630 x-timer S1661830705.529184,VS0,VE99 etag W/"62bf10e6-73a" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	jquery.dataTables.min.js Show response ransomwhe.re/assets/js/	85 KB 30 KB	182ms 179ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/jquery.dataTables.min.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 56cd4fafefd322acdf1047e13620fb13586b8713ca2da55c4a7055e06fb54b41 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id dd8bab76a082c1bac626c8e06f64567d644a481f date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 30040 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 47A4:11394:C42ED8:CF5285:630D8630 x-timer S1661830705.529473,VS0,VE102 etag W/"62bf10e6-15215" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	breakpoints.min.js Show response ransomwhe.re/assets/js/	2 KB 967 B	186ms 184ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/breakpoints.min.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 6986954512ea7fc9ea45934177dfc8aca9ed69dd08976114b0eb39a3e58d201d Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id c007584373f20939d724db1d070c821cc1718c12 date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 826 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id B608:6873:DD7C07:E960AD:630D8630 x-timer S1661830705.529445,VS0,VE103 etag W/"62bf10e6-986" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	util.js Show response ransomwhe.re/assets/js/	12 KB 3 KB	187ms 185ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/util.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 9ce94499accd12cb59d80e7a72ea08d5cb12802c021364645de5e3651254a8d9 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 455ec3b3b67c6aad9fc4b6305157b36167706b44 date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 3279 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id C458:54D6:BF95D3:CED9B0:630D8630 x-timer S1661830705.529432,VS0,VE103 etag W/"62bf10e6-3085" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	common.js Show response ransomwhe.re/assets/js/	5 KB 2 KB	142ms 140ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/common.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash b8fd1585fb472698b1e3e26d693577a412b80ffba0b5d777310441e40ecce4bf Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 2ca00ef1ecf8c113299df2bb41442685c67c7eb8 date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 1936 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 2344:11513:18062D7:19426FC:630D8630 x-timer S1661830705.529412,VS0,VE99 etag W/"62bf10e6-15d1" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	main.js Show response ransomwhe.re/assets/js/	21 KB 8 KB	176ms 174ms	Script application/javascript	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/js/main.js Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 4205b93cb46ca3284a30e8d2e7b30142b7f35f797c8a4e0ce06ceb0c36875a9d Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 5b25aa90594debeb77c407838a29c3013a5fe928 date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 7883 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id B3CA:6871:253B32:2C5DD1:630D8630 x-timer S1661830705.529576,VS0,VE100 etag W/"62bf10e6-5205" vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	js Show response www.googletagmanager.com/gtag/	173 KB 64 KB	145ms 57ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-Z6Q48EM6ZN Requested by Host: ransomwhe.re URL: https://ransomwhe.re/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash aea0950959ec336b3ac96c99216a84b2a23e01776d1a480d7b6fbec0494ecfd9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Tue, 30 Aug 2022 03:38:24 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 65084 x-xss-protection 0 expires Tue, 30 Aug 2022 03:38:24 GMT
GET H2	200	fontawesome-all.min.css ransomwhe.re/assets/css/	55 KB 12 KB	136ms 131ms	Stylesheet text/css	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/css/fontawesome-all.min.css Requested by Host: ransomwhe.re URL: https://ransomwhe.re/assets/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/assets/css/main.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id fa4390aac10e0b75b2b7ee006bf5cbaff2faea7e date Tue, 30 Aug 2022 03:38:24 GMT content-encoding gzip age 0 x-cache MISS content-length 12229 x-served-by cache-hhn4082-HHN access-control-allow-origin * last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id BF16:6873:DD7C09:E960B1:630D8630 x-timer S1661830705.631486,VS0,VE94 etag W/"62bf10e6-da9f" vary Accept-Encoding content-type text/css; charset=utf-8 via 1.1 varnish expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	143ms 50ms	Stylesheet text/css	2a00:1450:400e:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900 Requested by Host: ransomwhe.re URL: https://ransomwhe.re/assets/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash bc941d20654812160c66492f2a7cac85f3487babcd8eaad4567e2ef0e3a6630a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 30 Aug 2022 03:38:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 30 Aug 2022 03:38:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 30 Aug 2022 03:38:24 GMT
GET DATA	200 OK	truncated /	299 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 497196d98c40c790229b47772f3580654f59838f964213e4fc64a971c53bf974 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	299 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ba6f8d44c83135afec89fe41dbdaa5d3602ddcaad920bcf6d9785c627c36a306 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	440 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b63c9d66f87139f9328a027dc867f9c9129be286d7401500d2d59897c4c66f8c Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	12 KB 13 KB	134ms 37ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ransomwhe.re accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Sun, 28 Aug 2022 12:08:09 GMT x-content-type-options nosniff age 142215 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12408 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:54:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Mon, 28 Aug 2023 12:08:09 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	142ms 45ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ransomwhe.re accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 24 Aug 2022 19:25:00 GMT x-content-type-options nosniff age 461604 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12924 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:02:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 24 Aug 2023 19:25:00 GMT
GET H2	200	6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	13 KB 13 KB	169ms 73ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,700,900 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ransomwhe.re accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers date Wed, 24 Aug 2022 19:24:52 GMT x-content-type-options nosniff age 461612 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12956 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:54:52 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 24 Aug 2023 19:24:52 GMT
GET H2	200	fa-brands-400.woff2 ransomwhe.re/assets/webfonts/	73 KB 73 KB	138ms 137ms	Font font/woff2	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/webfonts/fa-brands-400.woff2 Requested by Host: ransomwhe.re URL: https://ransomwhe.re/assets/css/fontawesome-all.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473 Request headers Referer https://ransomwhe.re/assets/css/fontawesome-all.min.css Origin https://ransomwhe.re accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 6c1ef0461c37859fbc9a0f795d5a6aa8be5e3342 date Tue, 30 Aug 2022 03:38:24 GMT via 1.1 varnish age 0 x-cache MISS content-length 74508 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 12EC:3865:1A1F050:1B72F9D:630D8630 x-timer S1661830705.780823,VS0,VE100 etag "62bf10e6-1230c" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	fa-solid-900.woff2 ransomwhe.re/assets/webfonts/	74 KB 74 KB	143ms 143ms	Font font/woff2	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Full URL https://ransomwhe.re/assets/webfonts/fa-solid-900.woff2 Requested by Host: ransomwhe.re URL: https://ransomwhe.re/assets/css/fontawesome-all.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0 Request headers Referer https://ransomwhe.re/assets/css/fontawesome-all.min.css Origin https://ransomwhe.re accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 23a5de8f2b491a50e7cdc88adb543d311e9063e4 date Tue, 30 Aug 2022 03:38:24 GMT via 1.1 varnish age 0 x-cache MISS content-length 75440 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 732E:8B0F:36B03:3E4A0:630D8630 x-timer S1661830705.780911,VS0,VE104 etag "62bf10e6-126b0" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:24 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
OPTIONS H2	200	list api.ransomwhe.re/	0 0	563ms 350ms	Preflight application/json	2600:9000:2113:1800:e:40bf:fe40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ransomwhe.re/list?range=alltime Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2113:1800:e:40bf:fe40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers cache-control,content-type Access-Control-Request-Method GET Origin https://ransomwhe.re Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent,Cache-Control access-control-allow-methods OPTIONS,GET access-control-allow-origin * access-control-max-age 600 cache-control public, max-age=600 content-length 0 content-type application/json date Tue, 30 Aug 2022 03:38:25 GMT via 1.1 255fdeccb3b4cfc8b4786df303af4858.cloudfront.net (CloudFront), 1.1 c910b8c55aaa61323d46558eaf519fe4.cloudfront.net (CloudFront) x-amz-apigw-id XqHnwGc1oAMFfDA= x-amz-cf-id CPTQoESIMaUmSC13Whk3Lmc4vJeXQdt4NmRZGMQVYdIWvx3mFRbmmQ== x-amz-cf-pop LHR61-P1 CDG3-C1 x-amzn-requestid 9b5acf52-eae8-4308-92c2-191221e5f1f5 x-cache Miss from cloudfront
OPTIONS H2	200	reports api.ransomwhe.re/	0 0	521ms 310ms	Preflight application/json	2600:9000:2113:1800:e:40bf:fe40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ransomwhe.re/reports Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2113:1800:e:40bf:fe40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://ransomwhe.re Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers access-control-allow-headers Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent access-control-allow-methods OPTIONS,POST access-control-allow-origin https://ransomwhe.re content-length 1 content-type application/json date Tue, 30 Aug 2022 03:38:25 GMT via 1.1 d4ae29ce8264e419547c36ebbfbca8ea.cloudfront.net (CloudFront), 1.1 c910b8c55aaa61323d46558eaf519fe4.cloudfront.net (CloudFront) x-amz-apigw-id XqHnvFhaoAMFcYQ= x-amz-cf-id G93AdxfsQYRtDSP5IZ9TZ8u4bdUh8QD5qpnJM8maYBM9aOhTR3JcTg== x-amz-cf-pop LHR61-P1 CDG3-C1 x-amzn-requestid 4d459645-7502-4eeb-b271-9b4457a3f9e1 x-cache Miss from cloudfront
GET H2	200	list Show response api.ransomwhe.re/	404 B 889 B	2162ms 2161ms	XHR application/json	2600:9000:2113:1800:e:40bf:fe40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ransomwhe.re/list?range=alltime Requested by Host: ransomwhe.re URL: https://ransomwhe.re/assets/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2113:1800:e:40bf:fe40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4fa4143307eb8c533a23a354003ed6135c3566457020af85eee214b21fbf82a0 Request headers Accept application/json, text/javascript, */*; q=0.01 Cache-Control public, max-age=600 Referer https://ransomwhe.re/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json Response headers date Tue, 30 Aug 2022 03:38:27 GMT via 1.1 d4ae29ce8264e419547c36ebbfbca8ea.cloudfront.net (CloudFront), 1.1 c910b8c55aaa61323d46558eaf519fe4.cloudfront.net (CloudFront) x-amz-cf-pop LHR61-P1, CDG3-C1 x-amzn-requestid 19f9b4db-6b8b-4260-8554-6ec03e8bace8 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-630d8631-75ba7e655ee5a11768c4fdf0;Sampled=0 access-control-allow-headers * access-control-allow-credentials true x-amz-apigw-id XqHnzFMtoAMF8Sg= content-length 404 x-amz-cf-id 9uOSnmmiYsdgZmXakWoSS_SUBuEzXxbbyjhK-nvf14iryjrjH6Owng==
POST H2	200	reports Show response api.ransomwhe.re/	325 KB 326 KB	798ms 798ms	XHR application/json	2600:9000:2113:1800:e:40bf:fe40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.ransomwhe.re/reports Requested by Host: ransomwhe.re URL: https://ransomwhe.re/assets/js/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2113:1800:e:40bf:fe40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash c01e2876cbc9deac5bf3395d58fc929a1b92efe3631a4c2be8eb5fdeb679e5fd Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://ransomwhe.re/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Content-Type application/json Response headers date Tue, 30 Aug 2022 03:38:26 GMT via 1.1 55429e7ef2adea879b483fc335a60902.cloudfront.net (CloudFront), 1.1 c910b8c55aaa61323d46558eaf519fe4.cloudfront.net (CloudFront) x-amz-cf-pop CDG3-C2, CDG3-C1 x-amzn-requestid 3601dde5-75e4-4e33-b726-c74be0280150 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-630d8631-6e1ecfb114440e537e95a8ec;Sampled=0 access-control-allow-credentials true x-amz-apigw-id XqHnzG2AoAMFsow= content-length 332973 x-amz-cf-id OyTzaDY4xARe3ZOA2frBbt_lCTGQKIQjsWb9Prtu-eEHUrETtP-G9w==
GET DATA	200 OK	truncated /	259 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f01f95d87288d59880526020b71e327688e959dd744f5bf45cb088176d981a21 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
GET DATA	200 OK	truncated /	259 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9f32614dc4a6bd89cfc03e184a93ac012f166527acd40feccc00f459158bae99 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf8
POST H2	204	collect region1.google-analytics.com/g/	0 336 B	129ms 45ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-Z6Q48EM6ZN&gtm=2oe8t0&_p=570973973&cid=1498173167.1661830705&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661830704&sct=1&seg=0&dl=https%3A%2F%2Fransomwhe.re%2F&dt=Ransomwhere&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-Z6Q48EM6ZN Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers pragma no-cache date Tue, 30 Aug 2022 03:38:25 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ransomwhe.re cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	sort_both.png ransomwhe.re/assets/images/	201 B 393 B	132ms 131ms	Image image/png	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ransomwhe.re/assets/images/sort_both.png Requested by Host: ransomwhe.re URL: https://ransomwhe.re/assets/css/jquery.dataTables.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash 3e016c23ae51417382b640ae2d19eb48047532c37ad53894bd185586559ccffb Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/assets/css/jquery.dataTables.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 23acde8b91e62542185b909d1f71d510fe42ac39 date Tue, 30 Aug 2022 03:38:27 GMT via 1.1 varnish age 0 x-cache MISS content-length 201 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id 2B04:94F6:E46B3E:F077CE:630D8633 x-timer S1661830708.554006,VS0,VE95 etag "62bf10e6-c9" vary Accept-Encoding content-type image/png access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:27 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0
GET H2	200	sort_desc.png ransomwhe.re/assets/images/	158 B 430 B	135ms 135ms	Image image/png	185.199.108.153 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://ransomwhe.re/assets/images/sort_desc.png Requested by Host: ransomwhe.re URL: https://ransomwhe.re/assets/css/jquery.dataTables.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.199.108.153 , United States, ASN54113 (FASTLY, US), Reverse DNS cdn-185-199-108-153.github.com Software GitHub.com / Resource Hash d08ed0e21f187dd309030d465224da8085119a15a17d616ba0e477bb50c6f10d Request headers accept-language de-DE,de;q=0.9 Referer https://ransomwhe.re/assets/css/jquery.dataTables.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36 Response headers x-fastly-request-id 1b0934863b8926f5025b4e16333d51cc45cc013d date Tue, 30 Aug 2022 03:38:27 GMT via 1.1 varnish age 0 x-cache MISS content-length 158 x-served-by cache-hhn4082-HHN last-modified Fri, 01 Jul 2022 15:21:10 GMT server GitHub.com x-github-request-id C604:8060:2FB885:38A26F:630D8633 x-timer S1661830708.565000,VS0,VE98 etag "62bf10e6-9e" vary Accept-Encoding content-type image/png access-control-allow-origin * expires Tue, 30 Aug 2022 03:48:27 GMT cache-control max-age=600 accept-ranges bytes x-origin-cache HIT x-proxy-cache MISS x-cache-hits 0

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| countUp function| $ function| jQuery function| Chart object| browser object| $jscomp function| $jscomp$lookupPolyfilledValue function| breakpoints string| API_URL function| apiRequest function| getReports number| ransomTotal boolean| dollarDisplay object| numAnim function| toggleDollar function| submitReport function| sendReportRequest function| getBalances function| updateTransactions function| plotTransactions function| plotBalances function| downloadFile function| gtag object| dataLayer object| google_tag_manager object| google_tag_data object| gaGlobal object| columns

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ransomwhe.re/	1970-01-20 15:13:10	Name: _ga_Z6Q48EM6ZN Value: GS1.1.1661830704.1.0.1661830704.0.0.0
			.ransomwhe.re/	1970-01-20 15:13:10	Name: _ga Value: GA1.1.1498173167.1661830705

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ransomwhe.re
fonts.googleapis.com
fonts.gstatic.com
ransomwhe.re
region1.google-analytics.com
www.googletagmanager.com
185.199.108.153
2001:4860:4802:34::36
2600:9000:2113:1800:e:40bf:fe40:93a1
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2008
2a00:1450:400e:80c::200a
080e18a8c761c3d30b7ec08aa65f87109a0228367eafd0a12fcefda58d10e8ad
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
122854df4f39cf922db317714c2ff0eccab27a1028c14a5aa2211f48b7e0eade
1d2c1bf62dc7c3c2b265783cb5e9268dc087a1ff611374d9e6035c53f05f80db
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
3a201d16f31814fe5a46afad718ab02fa6cf02f448796af6a92817ade0d1ef19
3e016c23ae51417382b640ae2d19eb48047532c37ad53894bd185586559ccffb
4205b93cb46ca3284a30e8d2e7b30142b7f35f797c8a4e0ce06ceb0c36875a9d
497196d98c40c790229b47772f3580654f59838f964213e4fc64a971c53bf974
4a88ccf7a635e9a04c918ba4a855076e47df820aedf59805aa0a6e8c6428320a
4fa4143307eb8c533a23a354003ed6135c3566457020af85eee214b21fbf82a0
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
56cd4fafefd322acdf1047e13620fb13586b8713ca2da55c4a7055e06fb54b41
63572a849a602527e0deeca58b30c53e3d43f07be21b4ba24b30832062da875c
6986954512ea7fc9ea45934177dfc8aca9ed69dd08976114b0eb39a3e58d201d
6e9f372e7e04d20a4743cd7ebc152701f72ca7dd586324be84cc9c17157c2907
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
749d3be5eb3d7df5b4287423cad2bc05016e7630fa1f41b4c1a5fb12b20f3d99
939da648265abd0108d8f70346ea8795ba027e1b2079ba114bea71054a16adc1
9ce94499accd12cb59d80e7a72ea08d5cb12802c021364645de5e3651254a8d9
9f32614dc4a6bd89cfc03e184a93ac012f166527acd40feccc00f459158bae99
aa8374f27597b051fe4bd0ad22af7d7b9cb36078a8447b4d07db76ab2d4c4a67
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
aea0950959ec336b3ac96c99216a84b2a23e01776d1a480d7b6fbec0494ecfd9
b4ab4e65ec55a34c76aaa73c333d009ebfbafbb0be230dc170496a3cf3383007
b63c9d66f87139f9328a027dc867f9c9129be286d7401500d2d59897c4c66f8c
b8fd1585fb472698b1e3e26d693577a412b80ffba0b5d777310441e40ecce4bf
ba6f8d44c83135afec89fe41dbdaa5d3602ddcaad920bcf6d9785c627c36a306
bc941d20654812160c66492f2a7cac85f3487babcd8eaad4567e2ef0e3a6630a
c01e2876cbc9deac5bf3395d58fc929a1b92efe3631a4c2be8eb5fdeb679e5fd
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
cdce5ac5a6cb96f9ed35fa6372f4f54e07d2ffc6f77b2f4e67a8043f0db86050
d08ed0e21f187dd309030d465224da8085119a15a17d616ba0e477bb50c6f10d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8571e43be27932e83b755c32bbbbb761693f9cb33ff02a5a10d00f29637068c
ea40cf39ecf672754e0dbfbec0cb69306b7d46574352713f9a2132f34c80bfb8
f01f95d87288d59880526020b71e327688e959dd744f5bf45cb088176d981a21