ransomware.pl Open in urlscan Pro
167.235.242.21 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ransomware.pl/
Effective URL:
https://ransomware.pl/
Submission: On June 27 via manual (June 27th 2023, 4:21:00 pm UTC) from PL — Scanned from PL

Summary HTTP 184 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 184 HTTP transactions. The main IP is 167.235.242.21, located in Germany and belongs to HETZNER-AS, DE. The main domain is ransomware.pl.
TLS certificate: Issued by R3 on May 21st 2023. Valid for: 3 months.

This is the only time ransomware.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 159	167.235.242.21 167.235.242.21	24940 (HETZNER-AS) (HETZNER-AS)
2	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
10	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2	142.250.181.238 142.250.181.238	15169 (GOOGLE) (GOOGLE)
5	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
3	20.79.102.66 20.79.102.66	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	142.250.74.200 142.250.74.200	15169 (GOOGLE) (GOOGLE)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
184	9

159 167.235.242.21 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: payload.pl

ransomware.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.79.102.66 (Frankfurt am Main, Germany)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

payload.containers.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
payload.piwik.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.200 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
159	ransomware.pl 1 redirects ransomware.pl	2 MB
10	gstatic.com fonts.gstatic.com	191 KB
3	piwik.pro payload.containers.piwik.pro payload.piwik.pro	82 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	90 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 660	135 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	18 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	3 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	77 KB
184	9

	Domain	Requested by
159	ransomware.pl	1 redirects ransomware.pl
10	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	ransomware.pl connect.facebook.net
2	static.xx.fbcdn.net	www.facebook.com
2	www.facebook.com	ransomware.pl connect.facebook.net
2	payload.containers.piwik.pro	ransomware.pl
2	www.google-analytics.com	ransomware.pl www.google-analytics.com
2	fonts.googleapis.com	ransomware.pl
1	region1.google-analytics.com	www.googletagmanager.com
1	payload.piwik.pro	payload.containers.piwik.pro
1	www.googletagmanager.com	www.google-analytics.com
184	11

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
ransomware.pl R3	`2023-05-21` - `2023-08-19`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-07` - `2023-07-06`	3 months	crt.sh
*.containers.piwik.pro GlobeSSL DV CA	`2022-08-25` - `2023-09-08`	a year	crt.sh
*.piwik.pro GlobeSSL DV CA	`2023-01-04` - `2024-01-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ransomware.pl/
Frame ID: BF0E695CC72CFE8EEE36013F0DC61EE1
Requests: 181 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2683fb5a433ac8%26domain%3Dransomware.pl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fransomware.pl%252Ffd10d7fd255578%26relation%3Dparent.parent&container_width=237&href=https%3A%2F%2Fransomware.pl%2F&layout=button_count&locale=pl_PL&sdk=joey&share=true&show_faces=false&size=small
Frame ID: 4CC6AA32E88340209804036DBC3D8044
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware.pl - Polish Data Recovery Center

Page URL History Show full URLs

http://ransomware.pl/ HTTP 301
https://ransomware.pl/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery\.prettyPhoto\.js

Page Statistics

184
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

9
IPs

2
Countries

3146 kB
Transfer

5923 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Ransomware-420988032065379

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ransomware.pl/ HTTP 301
https://ransomware.pl/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

184 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
ransomware.pl/
Redirect Chain

http://ransomware.pl/
https://ransomware.pl/

109 KB
11 KB

233ms
112ms

Document
text/html

167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5d9948871b14b1b87abdb4b7f1fb40815f3dd6b0da8fe1049473cb4b413e3010

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 10595
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Jun 2023 16:20:54 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Tue, 27 Jun 2023 16:20:53 GMT
Location: https://ransomware.pl/
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK style.css
ransomware.pl/css/ 123 KB
17 KB 69ms
69ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/style.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9f2346b992a9bf57ac45a54bacf914941d89b68daeccb9deace09bd02411d0cd

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 13:13:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1ebce-58d1717ae5a15-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16822

GET
H/1.1 200
OK responsive.css
ransomware.pl/css/ 25 KB
3 KB 134ms
64ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/responsive.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 990cb2cd5d06444fe18e91d06b54c8578f29ab2187e77fb76496cf76a64010f8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 22 Jan 2017 03:57:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "63c6-546a6e2bb6280-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3223

GET
H/1.1 200
OK logo-pl.png
ransomware.pl/images/custom/ 34 KB
34 KB 125ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/custom/logo-pl.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: eb0eac11d4469d53fd027bd46e1542956964072d29b0014009a89a78c4fbb312

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Last-Modified: Sat, 29 Jun 2019 18:56:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "880b-58c7af394b209"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34827

GET
H/1.1 200
OK slide-1.png
ransomware.pl/images/custom/ 65 KB
65 KB 65ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/custom/slide-1.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d81f13cc878d1c9d97f8c69dc5aadd1e54fb77897a32e1dba8f3154b1f4e6047

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Last-Modified: Sat, 29 Jun 2019 21:01:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "10311-58c7cb13b05d9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66321

GET
H/1.1 200
OK slide-2.png
ransomware.pl/images/custom/ 36 KB
36 KB 65ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/custom/slide-2.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 042f7b4e2b5d289f0c2c4dd00c773e846c021ca7806883cca35a3f73070797b0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Last-Modified: Sat, 29 Jun 2019 21:01:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "8fc6-58c7cb13c2ebd"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36806

GET
H/1.1 200
OK eurofins.jpg
ransomware.pl/images/paid/ 11 KB
11 KB 58ms
57ms Image
image/jpeg 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/paid/eurofins.jpg
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 099b5a32356628a6fe89ec6839b8ce2e2fdbd828c3b8e017448880c44fba25af

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Wed, 10 Jul 2019 11:59:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2a18-58d5267d4c223"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10776

GET
H/1.1 200
OK lakecity.jpg
ransomware.pl/images/paid/ 19 KB
19 KB 57ms
57ms Image
image/jpeg 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/paid/lakecity.jpg
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0622a340d9ce5483d12655dc8b9e0a04e708339704173db3f5adbe679ea302ba

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Wed, 10 Jul 2019 11:59:01 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4c1d-58d5267318ab8"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19485

GET
H/1.1 200
OK riviera.jpg
ransomware.pl/images/paid/ 20 KB
20 KB 58ms
58ms Image
image/jpeg 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/paid/riviera.jpg
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 297f10b415968f32ba96155e689b02d5a969ea0a2c11fc3323906eea32f559da

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Wed, 10 Jul 2019 11:58:36 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4e2f-58d5265b7ca75"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20015

GET
H/1.1 200
OK baltimore.jpg
ransomware.pl/images/paid/ 12 KB
12 KB 60ms
59ms Image
image/jpeg 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/paid/baltimore.jpg
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 76ebd45640122ea81ec039c615a7a214a6e140ee26534231125518c87ddcf81e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Wed, 10 Jul 2019 12:09:01 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "309d-58d528af86393"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12445

GET
H/1.1 200
OK seneca.jpg
ransomware.pl/images/paid/ 13 KB
13 KB 60ms
60ms Image
image/jpeg 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/paid/seneca.jpg
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d5354ecc4e4e73ad1e939d16f92e5db7b110f9dac18314d78ca5b47fb461d825

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Wed, 10 Jul 2019 12:09:47 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3353-58d528daa9c0b"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13139

GET
H/1.1 200
OK atlanta.jpg
ransomware.pl/images/paid/ 12 KB
12 KB 59ms
59ms Image
image/jpeg 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/paid/atlanta.jpg
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9b34f57820a9c50ab5139983581c60d7382a6754d2e407a951acb090556c992d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Wed, 10 Jul 2019 12:09:17 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2f9c-58d528bdf070f"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12188

GET
H/1.1 200
OK mini-badrabbit.png
ransomware.pl/images/screens/ 14 KB
15 KB 59ms
59ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-badrabbit.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9d50ff9eb95bff0004a8a26fe25e9681671b3356b5a9a0bf1b6f0d6eae0d1d12

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 30 Jun 2019 11:05:29 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "39bc-58c887d520c50"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14780

GET
H/1.1 200
OK mini-borontok.png
ransomware.pl/images/screens/ 12 KB
12 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-borontok.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: eed02cba44c41a3cc05f567d4ac609dbaa9877c92b5ad0ca76eb4c17bf9ebb4a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:09:21 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "304c-58d2f57e2efdd"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12364

GET
H/1.1 200
OK mini-brotherhood.png
ransomware.pl/images/screens/ 17 KB
18 KB 61ms
61ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-brotherhood.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 744835aa963019d01ae30880ab933c594fcdfc586c1e568bbec95be8afeda0b9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:08:13 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "457c-58d1e904e020a"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17788

GET
H/1.1 200
OK mini-ctb-locker.png
ransomware.pl/images/screens/ 17 KB
18 KB 61ms
61ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-ctb-locker.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d7d4334b43cb324c2c19f523bdb74a1ff2e7b828b669a76b71e97d81a606f78e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 11:22:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "45ab-58c9cd8a2e0fc"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17835

GET
H/1.1 200
OK mini-cerber.png
ransomware.pl/images/screens/ 32 KB
33 KB 59ms
59ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cerber.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4d9639da0330ff7b0b52f87df53cba3b1f593c54365667f187668bb7b2bc305e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 13:39:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "8152-58c9ec0768e02"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33106

GET
H/1.1 200
OK mini-cerber-decryptor.png
ransomware.pl/images/screens/ 20 KB
20 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cerber-decryptor.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 22e59e77c6ffb9606d52ad5d9c1c204b482c7fa6ee9f86c7b0d24ec16585e7d6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:32:31 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4e11-58d1ee738faa9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19985

GET
H/1.1 200
OK mini-china-yunlong.png
ransomware.pl/images/screens/ 11 KB
11 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-china-yunlong.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 606b1eb6cc280faaae1422856955112606541562380ab9a40f5121e2611be891

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:38:35 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2bac-58d1efcf2b066"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11180

GET
H/1.1 200
OK mini-coinvault.png
ransomware.pl/images/screens/ 14 KB
15 KB 60ms
59ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-coinvault.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8950f2c49603c83bdac275a679e06e9f8938bc564198bb39c195014033bf4e94

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 13:33:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3952-58c9ead1532c1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14674

GET
H/1.1 200
OK mini-crazycrypt.png
ransomware.pl/images/screens/ 17 KB
17 KB 60ms
59ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-crazycrypt.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e399d8b739951201899777df0fcca4624f3cd19406e488e172b691908f675d31

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:11:03 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "42e9-58d2f5e0576e2"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17129

GET
H/1.1 200
OK mini-crypt.locker.png
ransomware.pl/images/screens/ 28 KB
28 KB 59ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-crypt.locker.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 46a281a1408249d6cfd6f5e2bd7db6ba8c45e74b51c15d8a2a68d02a4df7f82c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 18:45:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "70cb-58ca309af1fde"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28875

GET
H/1.1 200
OK mini-cryptxxx.png
ransomware.pl/images/screens/ 19 KB
19 KB 60ms
60ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptxxx.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a14b46fef9dccd7dd3b6c8e6a7e19e32438d474713e8ef8927629e30b4142ace

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 19:21:39 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4a57-58ca3899e4789"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19031

GET
H/1.1 200
OK mini-cryptxxx-ultradecrypter.png
ransomware.pl/images/screens/ 7 KB
7 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptxxx-ultradecrypter.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9e53fa51c6b430f0da9bc997d73f64584b56e7e0a3ac0b4eac1202ce3ec6bfc5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 19:18:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1a15-58ca37f176f6c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6677

GET
H/1.1 200
OK mini-cryptodefense.png
ransomware.pl/images/screens/ 22 KB
22 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptodefense.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: df136d6462968b36a84f1e44b06e037a2a165f3f5655fcee92afb2a7f6ae98e3

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 11:01:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5771-58c9c8ca3c1ad"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22385

GET
H/1.1 200
OK mini-cryptofortress.png
ransomware.pl/images/screens/ 10 KB
11 KB 59ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptofortress.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e4c4639f7bbe20142c85f7103efa90c90155fc0bc98dea12a115d903c38ecff7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:47:26 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "291d-58d1f1c99ad78"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10525

GET
H/1.1 200
OK mini-cryptogod.png
ransomware.pl/images/screens/ 12 KB
12 KB 63ms
63ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptogod.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c52f94386e6fb8ce56d01340f475727ebaa99bbda6b1c5225957c77b2fd86bed

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:05:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2f5f-58d1e863e7b09"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12127

GET
H/1.1 200
OK mini-cryptopokemon.png
ransomware.pl/images/screens/ 9 KB
9 KB 64ms
63ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptopokemon.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7e09ecd62324b18146ce23420fca5a5ac27cd88d0f843ae975243e93d58637e5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:34:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "241b-58d2fb37ccdb9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9243

GET
H/1.1 200
OK mini-cryptohost.png
ransomware.pl/images/screens/ 22 KB
22 KB 60ms
59ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptohost.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b464b1036ed3304bbc037ab8c5990d59061ff934967e58f5fecb98998238f50a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 10:54:27 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "57e4-58c9c73b2df95"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22500

GET
H/1.1 200
OK mini-cryptolocker.png
ransomware.pl/images/screens/ 12 KB
12 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptolocker.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f5e40bf5eb84cf9793e143cca1296d343a2f08463074c7ba621e48cc435910e3

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Tue, 02 Jul 2019 20:38:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2f82-58cb8bb9e6f12"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12162

GET
H/1.1 200
OK mini-cryptolocker-2013.png
ransomware.pl/images/screens/ 9 KB
9 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptolocker-2013.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bbeff172da178352b52b17bf4d275db6a08f1cd0b07040a9bbecf9d0d9a828d7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Tue, 02 Jul 2019 19:30:31 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "23c3-58cb7c728126e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9155

GET
H/1.1 200
OK mini-cryptolocker-2014.png
ransomware.pl/images/screens/ 16 KB
16 KB 61ms
61ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptolocker-2014.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 067f90c698566d0d3c7d828a8d90f7236a109ae011f6efafe76b92ab02050d89

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Tue, 02 Jul 2019 20:30:53 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "40d9-58cb89f0335bd"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16601

GET
H/1.1 200
OK mini-cryptolocker-2015.png
ransomware.pl/images/screens/ 11 KB
12 KB 59ms
59ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptolocker-2015.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b577d7465c784e6fbd140306a8fe1aab4b1fcd64db72792f2917b288f7201e2c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Tue, 02 Jul 2019 19:32:15 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2dbf-58cb7cd4faa9f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11711

GET
H/1.1 200
OK mini-cryptolocker-2016.png
ransomware.pl/images/screens/ 16 KB
17 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-cryptolocker-2016.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c770b5c9a93803b76179f741d98ded894b826d3cec688b57e312e62f45f8bf15

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Tue, 02 Jul 2019 19:27:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4165-58cb7bdef0ad3"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16741

GET
H/1.1 200
OK mini-crysis-india.png
ransomware.pl/images/screens/ 22 KB
22 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-crysis-india.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a6f9990dbc0f0cb595fddf47ef359eb3299fe1c5256fd85a9ddcfb9054de8e7b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 16:00:59 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5804-58ca0bbf378d7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22532

GET
H/1.1 200
OK mini-d2-d.png
ransomware.pl/images/screens/ 12 KB
12 KB 63ms
63ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-d2-d.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 272bfa13f9302434e4791cd822429f7a93278a2897817732aeaf2a2a3f64ba72

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 18:36:55 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2fc2-58ca2e99a644e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12226

GET
H/1.1 200
OK mini-dma-locker-4.png
ransomware.pl/images/screens/ 11 KB
11 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-dma-locker-4.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 85df19230dee5023ee0992b6ccfd192513cb4d9ccffa90ccfd6fe23c19085d18

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 14:40:25 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2b08-58c9f9bcbf3f1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11016

GET
H/1.1 200
OK mini-dma-locker-pl.png
ransomware.pl/images/screens/ 13 KB
13 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-dma-locker-pl.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c6f97e84f8cd9ac8c18ebd43f90decc8ce54c6bba747463f38256f8ab5ef6418

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 11:46:35 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "34b1-58c9d2e25361c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13489

GET
H/1.1 200
OK mini-dharma.png
ransomware.pl/images/screens/ 13 KB
14 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-dharma.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 01ab066ac9e46d2cf6350f1cee4aab2fce81235c59595ce17d0bf6bf6d052bb2

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 30 Jun 2019 10:54:33 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "35d2-58c88563c06b5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13778

GET
H/1.1 200
OK mini-dupa.png
ransomware.pl/images/screens/ 22 KB
22 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-dupa.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2aeb19c0153eb1ece80060d8a72a2334c3525b37e1c49cd1b5fcdba07f5ea755

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:02:26 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "57bd-58d1e7ba96672"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22461

GET
H/1.1 200
OK mini-fantom.png
ransomware.pl/images/screens/ 14 KB
14 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-fantom.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7a481217cb673a6b9c197e340bc6304728c430d5ee711271a6464b541e0e4483

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 10:59:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "38d2-58c9c84af0f1f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14546

GET
H/1.1 200
OK mini-fileslocker.png
ransomware.pl/images/screens/ 16 KB
16 KB 61ms
61ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-fileslocker.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fa5cfd7e6844e92acad311257288780bf680e6ad61167ad7f90eb17a9f47dd27

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 19:33:19 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3f0c-58ca3b34c3087"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16140

GET
H/1.1 200
OK mini-gandcrab5.png
ransomware.pl/images/screens/ 18 KB
19 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-gandcrab5.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ca89234b9b45dfaa22b430e0783f2a42b0e749c03053c7f69828cae157e1d08e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 21:56:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4964-58d1e66489721"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18788

GET
H/1.1 200
OK mini-globe.png
ransomware.pl/images/screens/ 13 KB
13 KB 59ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-globe.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f756ddc0418dc49ca245927cd8c577c3c304af79182efc65d5ecbf8e77a690ca

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 13:35:57 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "34ec-58c9eb53f21e8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13548

GET
H/1.1 200
OK mini-globeimposter-clinton.png
ransomware.pl/images/screens/ 13 KB
13 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-globeimposter-clinton.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c6bf82f42be4aebc51833686acae849881c4246e32b6ac0da024d97c02cdef4f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 21:58:47 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "33fb-58d1e6e98d62c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13307

GET
H/1.1 200
OK mini-globeimposter-igami.png
ransomware.pl/images/screens/ 20 KB
20 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-globeimposter-igami.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9612a964003c294bc9e9909ee31eebc0344ddbfbc09420e376a1235f06702696

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 07:34:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4ee2-58d26781f4360"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20194

GET
H/1.1 200
OK mini-globeimposter-parnassus.png
ransomware.pl/images/screens/ 9 KB
9 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-globeimposter-parnassus.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 57ee79a075988022dbba194641b8ac15c9fdd7ca903fbdec2393426b782dd03a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:43:29 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "22b6-58d2fd1fb7292"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8886

GET
H/1.1 200
OK mini-globeimposter2.png
ransomware.pl/images/screens/ 15 KB
15 KB 61ms
61ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-globeimposter2.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f6ad13c5998b9c35694384d3b8a11b680a6f645e59fab0d9d704a1ec95795736

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:17:54 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3c2f-58d1eb2fc89cb"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15407

GET
H/1.1 200
OK mini-gollum.png
ransomware.pl/images/screens/ 13 KB
13 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-gollum.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5039f3a6e9dc5769a5a549d8cb447deaf41b1996845d801d4061b98dbe2182b7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:19:44 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "33b1-58d1eb9869565"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13233

GET
H/1.1 200
OK mini-hydracrypt.png
ransomware.pl/images/screens/ 14 KB
14 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-hydracrypt.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 60db219ea6b7b1dc8c88ecd200903275cc80ceaaf90a779cbe3c48ee15132226

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 30 Jun 2019 10:41:34 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3739-58c8827ccbab9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14137

GET
H/1.1 200
OK mini-jigsaw.png
ransomware.pl/images/screens/ 11 KB
11 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-jigsaw.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3824730ade9891ae29ba5ffa9885217fdbc27c047d470f41078e0029bde9bd70

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 15:31:18 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2ce3-58ca051d26b0b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11491

GET
H/1.1 200
OK mini-killerlocker.png
ransomware.pl/images/screens/ 16 KB
16 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-killerlocker.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2261bd9432f6e525f51adda3d46fdcd806984c17bc5b6125a2966789add14e15

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 13:29:20 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3f91-58c9e9d96d7e9"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16273

GET
H/1.1 200
OK mini-koolova.png
ransomware.pl/images/screens/ 30 KB
30 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-koolova.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2647bcc9e11f9491bf329d5eecf09eaec7757f04eadf1e0d6398e8b5887f070a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 18:55:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "78f8-58ca32a84ac7b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30968

GET
H/1.1 200
OK mini-kovtor.png
ransomware.pl/images/screens/ 17 KB
17 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-kovtor.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 55cf1dbaf9ae34863df6756fdba5d4bb4c95e5a161e3ce2b443bf78e9cf8209a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 18:59:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "443a-58ca33909b55f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17466

GET
H/1.1 200
OK mini-kymera.png
ransomware.pl/images/screens/ 26 KB
26 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-kymera.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 70225c8f003d2557ac84a953b4c5e33062a3f7953fc1c2aec55fa47ae3b1b123

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:40:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "676a-58d1f048f8474"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26474

GET
H/1.1 200
OK mini-lltp-locker.png
ransomware.pl/images/screens/ 20 KB
20 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-lltp-locker.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a24274c6376cf0e0b147381c07edd272d680601bae61743a32160d612875be81

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:31:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4e22-58d1ee3223b95"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20002

GET
H/1.1 200
OK mini-locker.png
ransomware.pl/images/screens/ 9 KB
9 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-locker.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c748e7b82a140653ae2d854ff76d7cfa40fa1242f656ee08e93bf8d05ac82602

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 11:10:55 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "23fe-58c9cae92ef02"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9214

GET
H/1.1 200
OK mini-lockergoga.png
ransomware.pl/images/screens/ 16 KB
16 KB 59ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-lockergoga.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 744228ff00e5a7d6a0934a291e0386618899afbfae14fa0252dab9de7349eb89

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:21:48 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4060-58d1ec0ec3a78"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16480

GET
H/1.1 200
OK mini-lockify.png
ransomware.pl/images/screens/ 15 KB
15 KB 59ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-lockify.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e65c28535add6ccc255596d00bc3584a94f4dd18918fa1b4b44c497aa7f8593b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 19:38:59 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3abb-58ca3c7920a9d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15035

GET
H/1.1 200
OK mini-locky.png
ransomware.pl/images/screens/ 15 KB
15 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-locky.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f995db2d9eec30f4e0b2d72572165f382459ab825d4819a091c1cce5640f2ec4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 19:05:17 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3a8a-58ca34f10d88b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14986

GET
H/1.1 200
OK mini-locky-diablo6.png
ransomware.pl/images/screens/ 8 KB
9 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-locky-diablo6.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a4bed3982e81ba49c2f01e5d7a210011d652090f2e563b19ab66455974ed4736

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 14:50:58 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2190-58c9fc18f6b29"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8592

GET
H/1.1 200
OK mini-locky-white.png
ransomware.pl/images/screens/ 11 KB
11 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-locky-white.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 84db9f0855d24f9a7dfba9315d4744be666fd9514752c18d85945bf6cd7202a2

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 30 Jun 2019 10:45:52 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2cbf-58c883727016d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11455

GET
H/1.1 200
OK mini-loocipher.png
ransomware.pl/images/screens/ 15 KB
16 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-loocipher.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4e3ce54f49342ba7be93e5c39eab191f882c71168125025563966512c041f402

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:14:55 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3d13-58d2f6bd8ce03"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15635

GET
H/1.1 200
OK mini-mmm-reborn.png
ransomware.pl/images/screens/ 13 KB
13 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-mmm-reborn.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 163af638ea76633ba4b594c907cfd6baa6226770eaa99a2a91f0dce644350aa9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 19:43:18 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "34c4-58ca3d6fe98b8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13508

GET
H/1.1 200
OK mini-maktub.png
ransomware.pl/images/screens/ 11 KB
11 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-maktub.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3add9ff7a05c03ea0fd691d30b143b532a9cd2baf3f47950484f6bdeafb21137

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 18:52:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2c78-58ca321395a6e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11384

GET
H/1.1 200
OK mini-manifesto.png
ransomware.pl/images/screens/ 28 KB
28 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-manifesto.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c6f961290c57a11443a705f0c49b2a5374a148272a3f4f79e2961315f6339ee2

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 10:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "70b5-58c9c7c1386ef"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28853

GET
H/1.1 200
OK mini-merrychristmas.png
ransomware.pl/images/screens/ 14 KB
14 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-merrychristmas.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9e1a043dcceb521ef2773506220afb68bf366e2bcf048dd8efca38e98827b7c4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 11:13:47 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3615-58c9cb8d124c6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13845

GET
H/1.1 200
OK mini-nsb.png
ransomware.pl/images/screens/ 13 KB
13 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-nsb.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: eab1977fa71640e335e89de2fff701d073e9617692136ea0abc4363e02e5b478

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 15:38:48 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "344b-58ca06c9cce46"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13387

GET
H/1.1 200
OK mini-napoleon.png
ransomware.pl/images/screens/ 17 KB
17 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-napoleon.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1be10587f37bc75439dfbf5f48214cf6bd4aba0b2dcff39159ea12642474a0d0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 13:42:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "424e-58c9ecb621a58"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16974

GET
H/1.1 200
OK mini-nozelesn.png
ransomware.pl/images/screens/ 10 KB
10 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-nozelesn.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8f3c48bdb2a714f3ab6737935009e39f8c07aaacaafe928efbafe812a5fb41ac

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:49:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2701-58d1f22e56868"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9985

GET
H/1.1 200
OK mini-pclock1.png
ransomware.pl/images/screens/ 15 KB
16 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-pclock1.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2b2dcc10b9dc84f5c7621cfecdefa5843fa223f6b303e770cd717f1202384df7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Tue, 02 Jul 2019 19:57:41 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3d85-58cb828486413"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15749

GET
H/1.1 200
OK mini-pclock2.png
ransomware.pl/images/screens/ 15 KB
15 KB 59ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-pclock2.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 518709d5211082b7eaad885b0af029879b541047ca168fe8939c58faa479c78e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 11:45:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3c4e-58c9d28d6ed57"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15438

GET
H/1.1 200
OK mini-paradise.png
ransomware.pl/images/screens/ 13 KB
13 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-paradise.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 37f54cc01ebb6ebf3588137d58ac15bbb0fa334da989c6bee4e9ecea99fd76a4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 19:32:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "330b-58ca3aeb30baf"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13067

GET
H/1.1 200
OK mini-pendor.png
ransomware.pl/images/screens/ 14 KB
14 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-pendor.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b0e3aa49a4b8c073551a63f973fbd5000a23d17a5af3cf07e2ea30edec7bd9d5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 15:35:35 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "362f-58ca061245dfa"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13871

GET
H/1.1 200
OK mini-petrwrap.png
ransomware.pl/images/screens/ 9 KB
9 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-petrwrap.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 75ae022c6e095b9e19e39b29568278086df84bccb97dd9015ea2eee4d521cb45

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 17:36:01 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "23a1-58ca20fc97d9f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9121

GET
H/1.1 200
OK mini-petya.png
ransomware.pl/images/screens/ 20 KB
20 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-petya.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4724bbe13a836017dbe5dec9e60114b2c202b04ef4a27a277ca21edc9273ecd3

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 12:52:39 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "50bb-58c9e1a70659e"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20667

GET
H/1.1 200
OK mini-petya-2017.png
ransomware.pl/images/screens/ 36 KB
36 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-petya-2017.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2275f5912b625f866b09e38923e81105b9c25595dafd1142718cc22636b0e0d9

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 17:38:39 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "90cc-58ca2193c4807"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37068

GET
H/1.1 200
OK mini-petya-goldeneye.png
ransomware.pl/images/screens/ 3 KB
4 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-petya-goldeneye.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9c4ec5db6740e4fd1bd3e45bbe6d21123cff2c4657feaf585b3b21fe00df53f0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 14:46:16 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "d36-58c9fb0be4115"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3382

GET
H/1.1 200
OK mini-raransomware.png
ransomware.pl/images/screens/ 24 KB
25 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-raransomware.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b420a9e96daf8d32b09ab828c953076abfb046f1a4360608437293bcddc83c18

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:16:30 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61ee-58d2f7182cc04"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25070

GET
H/1.1 200
OK mini-ransiria.png
ransomware.pl/images/screens/ 20 KB
20 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-ransiria.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2d288fd628e1f675a3aff2b61c0a6e01da37f5f86644a711123aaa2bafa9ca0f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 07:46:05 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4e07-58d26a2ee2702"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19975

GET
H/1.1 200
OK mini-satan.png
ransomware.pl/images/screens/ 9 KB
9 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-satan.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 88c7f211a568aee2d12fdfbe37b487dc32f5bb25d95135808600acda5826614c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:38:01 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2403-58d2fbe6a584b"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9219

GET
H/1.1 200
OK mini-satana.png
ransomware.pl/images/screens/ 16 KB
17 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-satana.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 57542284bb28199b225f20766d2823edec53a4f96b3d7b8fa935b811142619f4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 07:38:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "418d-58d2686a64c6c"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16781

GET
H/1.1 200
OK mini-scarab.png
ransomware.pl/images/screens/ 22 KB
22 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-scarab.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4900351804961ce96fff6517fb9d09e63b143c29d3f2bfa3efeb319e1c747718

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 14:53:36 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5871-58c9fcaff27a3"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22641

GET
H/1.1 200
OK mini-scarab-x3.png
ransomware.pl/images/screens/ 15 KB
15 KB 59ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-scarab-x3.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 36011baa324393c9ce8adb5c361ecc0c81f40467d3674c9d7a2be12dddaa1c17

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:18:48 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3a86-58d2f79ae8496"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14982

GET
H/1.1 200
OK mini-scotch-tape-locker.png
ransomware.pl/images/screens/ 16 KB
16 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-scotch-tape-locker.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ce2341af34153f675f680dc591fb85237702688557d2dc09143b2f707d024fd6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 15:26:36 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3e93-58ca040f61377"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16019

GET
H/1.1 200
OK mini-seed-locker.png
ransomware.pl/images/screens/ 15 KB
15 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-seed-locker.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4432feb09cc70778efc2327674c98e858a4aea9f3394ddaa4675f0ad450427c7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:21:07 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3cb2-58d2f81fbb559"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15538

GET
H/1.1 200
OK mini-sodinokibi.png
ransomware.pl/images/screens/ 24 KB
25 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-sodinokibi.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5798d60f250df2a2b531011e1f77c7726d8cae1f7edc46939e6d74bbfd67102f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:09:33 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6108-58d1e95130144"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24840

GET
H/1.1 200
OK mini-swamp.png
ransomware.pl/images/screens/ 19 KB
19 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-swamp.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 10a5dcd6b838d70cdaa4a61ff196e19b8adda50f7a3dd0e1de3b1725a2dba816

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 30 Jun 2019 10:50:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4cee-58c88474355fd"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19694

GET
H/1.1 200
OK mini-teslacrypt-blue.png
ransomware.pl/images/screens/ 9 KB
9 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-teslacrypt-blue.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5101078d3b655e522e673dd24376220d3b7314e0ce09e71cc6e50051a6c12e6c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Tue, 02 Jul 2019 19:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "223d-58cb818d6aadf"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8765

GET
H/1.1 200
OK mini-teslacrypt-cl.png
ransomware.pl/images/screens/ 13 KB
13 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-teslacrypt-cl.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9a5b90d30ac02c1713f8c4f77610f22e2e70fd4883324e553c1cfda527096ca5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Tue, 02 Jul 2019 19:48:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "32a7-58cb808fa2dc5"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12967

GET
H/1.1 200
OK mini-teslacrypt-cw.png
ransomware.pl/images/screens/ 13 KB
13 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-teslacrypt-cw.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 557bf5a32d3652744f1ff53265ba27bd8ea1fbf0a666e87fe5146be7c306ea6c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Tue, 02 Jul 2019 19:50:43 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3414-58cb80f6638b7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13332

GET
H/1.1 200
OK mini-tron.png
ransomware.pl/images/screens/ 13 KB
14 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-tron.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: eb5b234d3362e581126e2b339e7d40a06e6d693ede0cf770f9e28c6e4eab5f5a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:44:31 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "35d9-58d1f1220b326"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13785

GET
H/1.1 200
OK mini-ukash-komorowski.png
ransomware.pl/images/screens/ 18 KB
18 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-ukash-komorowski.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4b06255fd9d0b995d6af5cd69cbfb7025c7c64d82b06af78d0e6aed520bdf4ba

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 16:16:45 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "466c-58ca0f451c997"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18028

GET
H/1.1 200
OK mini-ukash-policja.png
ransomware.pl/images/screens/ 19 KB
19 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-ukash-policja.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f301fb70a8cb55df8ae0ce8b82d1fdc77e759a124ddc1531edac72183ba144a7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 19:09:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4ad8-58ca35dcecf04"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19160

GET
H/1.1 200
OK mini-ukash-pl.png
ransomware.pl/images/screens/ 11 KB
12 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-ukash-pl.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bcb8b3f7d98c81505fa09c24cd58f318c1cb046d787b7a0f5810ae524ea495e7

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 17:28:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "2d38-58ca1f681cd8f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11576

GET
H/1.1 200
OK mini-waddup.png
ransomware.pl/images/screens/ 26 KB
27 KB 59ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-waddup.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c2ab861a67bf3082ca822515cf58f038ef26ac8a045334d05f5963c1595ff857

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Sun, 07 Jul 2019 22:35:30 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6914-58d1ef1e03b02"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26900

GET
H/1.1 200
OK mini-wanacrypt2-pl.png
ransomware.pl/images/screens/ 14 KB
14 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-wanacrypt2-pl.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0d32d73da06a975a2a369f8d38d7eb3cb0d5527a8b640eb0cd038bdc0528615c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 11:50:55 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "38b3-58c9d3da4cec0"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14515

GET
H/1.1 200
OK mini-whoopsie.png
ransomware.pl/images/screens/ 13 KB
13 KB 58ms
58ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-whoopsie.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 48c148e5ac041c341c3905e88145daea97a5b3db7b43d30da963fcfe59503589

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 08 Jul 2019 18:23:26 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "33eb-58d2f8a4afdb1"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13291

GET
H/1.1 200
OK mini-xorist-boom.png
ransomware.pl/images/screens/ 15 KB
16 KB 58ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/screens/mini-xorist-boom.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 16578d91e7834356bdab9bc22e81ea0d3703731f32b13b8644603bd6ae872e2a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 01 Jul 2019 19:45:59 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "3d8f-58ca3e0a132ab"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15759

GET
H/1.1 200
OK logo-pl-blue.png
ransomware.pl/images/custom/ 32 KB
32 KB 57ms
57ms Image
image/png 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/custom/logo-pl-blue.png
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 29576d5fb218f47d83e6f362b5a453e2d3f71afcdcc8bdbae6409493e4df5d7e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:56 GMT
Last-Modified: Sat, 29 Jun 2019 18:56:23 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "7ede-58c7af39369e4"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32478

GET
H/1.1 200
OK jquery.js Show response
ransomware.pl/js/ 287 KB
86 KB 422ms
82ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Dec 2016 02:37:42 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "47a36-54358df0e6980-gzip"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.cookiebar.js Show response
ransomware.pl/js/ 7 KB
3 KB 412ms
58ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.cookiebar.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 48c4f48e82e91a2ee301dfdeb2dc2c8d96b792eba06c467488a4731a9cdd29b4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 14 Apr 2015 11:45:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1ce6-513adc2ade700-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2253

GET
H/1.1 200
OK bootstrap.min.js Show response
ransomware.pl/js/ 36 KB
10 KB 434ms
59ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/bootstrap.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jul 2016 10:23:30 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "90b5-538732cf1ec80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9833

GET
H/1.1 200
OK jquery.bxslider.min.js Show response
ransomware.pl/js/ 19 KB
5 KB 433ms
57ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.bxslider.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Apr 2014 17:44:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4b9f-4f63b12566d80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5162

GET
H/1.1 200
OK jquery.countTo.js Show response
ransomware.pl/js/ 3 KB
1 KB 376ms
58ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.countTo.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 65800a729f583f1366785a9890e856396f4563f7b1b2d3b8ea4e275950a65d5e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 May 2015 00:56:18 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "d8a-51719d3c3d080-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1027

GET
H/1.1 200
OK owl.carousel.min.js Show response
ransomware.pl/js/ 39 KB
11 KB 60ms
59ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/owl.carousel.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Jun 2014 14:21:42 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "9dd1-4fcbde96b8980-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10522

GET
H/1.1 200
OK validate.js Show response
ransomware.pl/js/ 20 KB
6 KB 61ms
61ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/validate.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 46c364468eac164a057f562fe16953c54cb79245e9d6ed1e2ec605483fc09304

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 14:11:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5198-51bf00abfdb80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6278

GET
H/1.1 200
OK jquery.mixitup.min.js Show response
ransomware.pl/js/ 28 KB
8 KB 60ms
59ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.mixitup.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a7b4cb3db2cf3d417e8e69528fde70b5ed09686cbf54cb06e5dd993dfa452670

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 28 Sep 2015 08:16:48 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "7107-520ca5198bc00-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8232

GET
H/1.1 200
OK jquery.easing.min.js Show response
ransomware.pl/js/ 5 KB
2 KB 61ms
61ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.easing.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 Aug 2015 11:27:34 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "15b3-51d6bf8a7b580-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859

GET
H/1.1 200
OK jquery.fitvids.js Show response
ransomware.pl/js/ 3 KB
2 KB 58ms
57ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.fitvids.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Feb 2016 05:02:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "d16-52c54bd0a5800-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1342

GET
H/1.1 200
OK jquery-ui.js Show response
ransomware.pl/assets/jquery-ui-1.11.4/ 447 KB
108 KB 90ms
90ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/jquery-ui-1.11.4/jquery-ui.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7b747c28dbc530303016e0e6c102c07a7aa3ed4b4bcc4ffe70276a7c0febee39

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Apr 2016 20:10:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6fc50-52f71f6cd1a80-gzip"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK jquery.fancybox.pack.js Show response
ransomware.pl/js/ 23 KB
9 KB 60ms
60ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.fancybox.pack.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jun 2013 19:42:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5a5f-4df0e548e7100-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8634

GET
H/1.1 200
OK jquery.appear.js Show response
ransomware.pl/js/ 1 KB
1020 B 58ms
57ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.appear.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fa77538239ff2758ff9fa8ef646cad3e9ca818dd13fbf15ff3ca8a8bee173c69

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 18 Jan 2016 09:54:30 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5c6-52998bd39c180-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 710

GET
H/1.1 200
OK isotope.js Show response
ransomware.pl/js/ 37 KB
10 KB 60ms
59ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/isotope.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4fa72a8e292674529c8c0fdc8b0ccb7974e214d83e862316e91743ed7453b1c6

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Aug 2016 20:56:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "9393-539d1fed6ee80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10188

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
ransomware.pl/js/ 21 KB
6 KB 60ms
60ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/jquery.prettyPhoto.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 47ec7ea65620c8be7945819dd593916a9c7c892e727e645c2990819c414ff31c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 May 2015 16:05:50 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5402-5156bf8003380-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5940

GET
H/1.1 200
OK timePicker.js Show response
ransomware.pl/assets/timepicker/ 24 KB
6 KB 60ms
60ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/timepicker/timePicker.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c0b1950c24f059ab7fe9c2f6321dcf8b8148b01156e09f8424982c4bcf5a1d21

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Mar 2016 01:06:22 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "614d-52df7e3963f80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5351

GET
H/1.1 200
OK bootstrap-select.js Show response
ransomware.pl/assets/bootstrap-sl-1.12.1/ 68 KB
16 KB 72ms
72ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/bootstrap-sl-1.12.1/bootstrap-select.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: fe4e5d4d4f0e1b9904c98cbb7711983fc593380683492756e21c2325e72b6dad

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Nov 2016 05:08:36 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1110e-541dcc3bb5d00-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15885

GET
H/1.1 200
OK jquery.themepunch.tools.min.js Show response
ransomware.pl/assets/revolution/js/ 102 KB
36 KB 70ms
69ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/jquery.themepunch.tools.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7722eb69e500cd417ad68004ff568351d3d47faee948468c311a8dd3cf7a770d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 08:21:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1993f-525592420ce00-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36050

GET
H/1.1 200
OK jquery.themepunch.revolution.min.js Show response
ransomware.pl/assets/revolution/js/ 46 KB
14 KB 62ms
62ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/jquery.themepunch.revolution.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1d638248f0b343ca46bba0aadd5dae169bbae6ba52e2054ff24d2404d7146d3b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2015 04:37:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "b864-5257e3fad9200-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13695

GET
H/1.1 200
OK revolution.extension.actions.min.js Show response
ransomware.pl/assets/revolution/js/extensions/ 7 KB
2 KB 58ms
57ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/extensions/revolution.extension.actions.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f6296e444d107bfb62fe165b3ea638ee10a603193cfd87e78d80bd3e289f57b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 10:27:52 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1a86-5255ae91f9a00-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2115

GET
H/1.1 200
OK revolution.extension.carousel.min.js Show response
ransomware.pl/assets/revolution/js/extensions/ 7 KB
3 KB 58ms
58ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/extensions/revolution.extension.carousel.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2f6728e4e86d7e94258096758a335bfc31e1c5f18de79ddc511709a5b17fda2b

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Oct 2015 09:52:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1cc4-5210801034600-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2470

GET
H/1.1 200
OK revolution.extension.kenburn.min.js Show response
ransomware.pl/assets/revolution/js/extensions/ 3 KB
2 KB 58ms
57ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/extensions/revolution.extension.kenburn.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2beef56f943cd5a4219ffa68183a1a5a5c1e0a1e3fb9e64d2dfcc68de258eec3

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Sep 2015 11:18:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "c34-520b8be84d180-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1291

GET
H/1.1 200
OK revolution.extension.layeranimation.min.js Show response
ransomware.pl/assets/revolution/js/extensions/ 29 KB
8 KB 62ms
61ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/extensions/revolution.extension.layeranimation.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d2373378d19cc2477eeeee4f88cc63ef3f982bd7d92f37d595287a1d6a4ffa3a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2015 04:38:00 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "74f5-5257e4195da00-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8301

GET
H/1.1 200
OK revolution.extension.migration.min.js Show response
ransomware.pl/assets/revolution/js/extensions/ 6 KB
2 KB 59ms
58ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/extensions/revolution.extension.migration.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4f811fc19c67d51cc0c0fa6db44f0185d7e646210f18e1586356ceb53fcdcb11

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Sep 2015 11:18:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "17c0-520b8be84d180-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1744

GET
H/1.1 200
OK revolution.extension.navigation.min.js Show response
ransomware.pl/assets/revolution/js/extensions/ 22 KB
6 KB 60ms
60ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/extensions/revolution.extension.navigation.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 03c970ea4c3f6d574182c00962623dc0f6f09232f52ca327cdaea24e6ebd71fe

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2015 10:40:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "59ae-5242d55226900-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6180

GET
H/1.1 200
OK revolution.extension.parallax.min.js Show response
ransomware.pl/assets/revolution/js/extensions/ 8 KB
3 KB 58ms
58ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/extensions/revolution.extension.parallax.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 65aa02cae25114e3ee163d509586827435930dba0eabca2dd059c3961a28d189

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 26 Nov 2015 11:46:06 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1f6a-525701ebfbb80-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2393

GET
H/1.1 200
OK revolution.extension.slideanims.min.js Show response
ransomware.pl/assets/revolution/js/extensions/ 27 KB
7 KB 59ms
59ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/extensions/revolution.extension.slideanims.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c350fa4a0da7403eccfc32600fe6b3d7beb5b590c53293b8f69bf68df6e43bea

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Nov 2015 10:55:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6de0-5242d8d483080-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6627

GET
H/1.1 200
OK revolution.extension.video.min.js Show response
ransomware.pl/assets/revolution/js/extensions/ 20 KB
5 KB 59ms
58ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/js/extensions/revolution.extension.video.min.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 925dff987ca733064fdc994aa05aba0157b423f6ca594d0cd986712183b0f851

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2015 09:29:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "5143-5258252e0e580-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5239

GET
H/1.1 200
OK custom.js Show response
ransomware.pl/js/ 10 KB
3 KB 58ms
58ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/custom.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f3f96161d642558a8c6b61d48165ae6f59758010ba634b9a0182c05c08c6246d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 15:31:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "287f-58d19062d4ae5-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2740

GET
H/1.1 200
OK custom-pl.js Show response
ransomware.pl/js/ 527 B
657 B 57ms
57ms Script
text/javascript 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/js/custom-pl.js
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9a0cb29c9dbc895dc0b77ff446f6f7e10df6f9a2302327b4fba52c77c546a0e4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Content-Encoding: gzip
Last-Modified: Sun, 07 Jul 2019 15:31:33 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "20f-58d1905bf5cb9-gzip"
Vary: Accept-Encoding
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 347

GET
H2 200 css
fonts.googleapis.com/ 25 KB
2 KB 151ms
54ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Requested by

Host: ransomware.pl
URL: https://ransomware.pl/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 16:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 15:09:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 16:20:54 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
1 KB 153ms
56ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i

Requested by

Host: ransomware.pl
URL: https://ransomware.pl/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

1d90d8acaf8e945cbe6301f571086a38f216bd9c161fa975fea3c75b6f8d3662

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 27 Jun 2023 16:20:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 27 Jun 2023 16:20:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Jun 2023 16:20:54 GMT

GET
H/1.1 200
OK imp.css
ransomware.pl/css/ 6 KB
2 KB 101ms
58ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/imp.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 49f209ad858a67f0a90be769a67fbd0027916f9a63b13f96bf34bb43baad5b4a

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Feb 2017 05:39:54 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1721-54785983e5e80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1545

GET
H/1.1 200
OK bootstrap.min.css
ransomware.pl/css/ 118 KB
20 KB 171ms
116ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/bootstrap.min.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jul 2016 10:23:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1d970-538732cd36800-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19744

GET
H/1.1 200
OK font-awesome.min.css
ransomware.pl/css/ 27 KB
6 KB 119ms
58ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/font-awesome.min.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2015 10:19:26 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "6b4a-527013da18780-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6243

GET
H/1.1 200
OK hover.css
ransomware.pl/css/ 123 KB
9 KB 124ms
63ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/hover.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d73e3cbe5d0ca7fc2c9fd69d9e3a137fcb03bf0bbb7b5f31541a40984e751543

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 14:10:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1eb59-51bf0070dd000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8530

GET
H/1.1 200
OK jquery.bxslider.css
ransomware.pl/css/ 4 KB
1 KB 122ms
56ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/jquery.bxslider.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 560869e861e2bc3ef27b70181a49f1767380e1731627b7886a24dd9cd4a54d3f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Feb 2016 16:10:40 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "f2e-52ab7a047e000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1199

GET
H/1.1 200
OK owl.carousel.css
ransomware.pl/css/ 5 KB
1 KB 125ms
57ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/owl.carousel.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: eb7ccdc502d7b011f69b0c7ea745abade2a50a2d3974d9a22b2a64d09adc3b8e

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 14:10:08 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "125d-51bf0070dd000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1117

GET
H/1.1 200
OK owl.theme.default.min.css
ransomware.pl/css/ 1 KB
706 B 158ms
57ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/owl.theme.default.min.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e6e40fa26713134203caed2e8d9362a8c75f5c337f02e25e00723a258eef66ea

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Jul 2015 14:10:10 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "476-51bf0072c5480-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 403

GET
H/1.1 200
OK animate.min.css
ransomware.pl/css/ 52 KB
4 KB 179ms
59ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/animate.min.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d612214a5a30838bea68567f6e290f31f106c1280cd05b48b3b9b1d4f0031c29

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 23 Jan 2016 21:49:52 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "ce35-52a0750c86000-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3954

GET
H/1.1 200
OK jquery.bootstrap-touchspin.css
ransomware.pl/css/ 772 B
609 B 179ms
57ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/jquery.bootstrap-touchspin.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ea40d450aba1b968363c725912b035222155046a64acc60f14829a3e53e2006c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 12 Feb 2016 07:11:28 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "304-52b8d6034a800-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 306

GET
H/1.1 200
OK jquery.fancybox.css
ransomware.pl/css/ 5 KB
2 KB 182ms
58ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/jquery.fancybox.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e0686445a95fa043ed2cdf6b66846189d0048148e116188e3bf3abeda649f622

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Dec 2016 04:12:18 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1391-542f59c2a6c80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1434

GET
H/1.1 200
OK prettyPhoto.css
ransomware.pl/css/ 19 KB
3 KB 183ms
58ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/prettyPhoto.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c63be02717683d2efdc8c887d77d289092a50b7d51210e87033045ea2b7c9eed

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Nov 2016 09:31:32 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4db0-542450542e500-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2769

GET
H/1.1 200
OK bootstrap-select.min.css
ransomware.pl/css/ 6 KB
2 KB 216ms
58ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/bootstrap-select.min.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8d5ad3c7f7f2ffbcf18f6a25b01a4cb94992168af5100f8f0a05c09f9800d889

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Dec 2016 08:28:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "18a3-544b3c164d980-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1502

GET
H/1.1 200
OK nouislider.css
ransomware.pl/assets/price-filter/ 3 KB
1 KB 228ms
57ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/price-filter/nouislider.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 24db18ce2f84de05c5d1699844639e31b7e1765ad91c1658ff13a5875f7160f8

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Sep 2015 13:27:38 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "c42-51eebdd082680-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1004

GET
H/1.1 200
OK nouislider.pips.css
ransomware.pl/assets/price-filter/ 1 KB
757 B 236ms
57ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/price-filter/nouislider.pips.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 6eeae6b2e8b618cfd938ad2c054bd11e27c4d0914a99c606cb600ef4e6279cdc

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 29 Jun 2015 17:56:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "58d-519abd028f380-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 454

GET
H/1.1 200
OK flexslider.css
ransomware.pl/css/ 7 KB
2 KB 238ms
59ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/css/flexslider.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 88b7bb3616903293b098dd1209d6cf82c81190c2bc655510688153e9871934c4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Aug 2015 17:24:48 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1a8a-51d207edb1800-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1607

GET
H/1.1 200
OK timePicker.css
ransomware.pl/assets/timepicker/ 4 KB
1 KB 239ms
57ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/timepicker/timePicker.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f9c5d7f4f45e782f726d815400ba9e8a33355f2f231f9f6d20db0903ddada98d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 24 Dec 2016 11:24:46 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "fc1-54465bfee3b80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1053

GET
H/1.1 200
OK flaticon.css
ransomware.pl/fonts/flaticon/ 2 KB
987 B 240ms
57ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/fonts/flaticon/flaticon.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 194f5a56ab7bbb138647b4228ccbc5462b9b5e2a5b7afba4c4079b6808555a10

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Dec 2016 04:13:50 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "91b-544377f1c3b80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 684

GET
H/1.1 200
OK jquery-ui.css
ransomware.pl/assets/jquery-ui-1.11.4/ 33 KB
8 KB 277ms
60ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/jquery-ui-1.11.4/jquery-ui.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f3f198bd3505f9244df739ccddc4fece7a3036aa9f268548f49364e9a5d3060c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Apr 2016 20:10:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "830d-52f71f6cd1a80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7628

GET
H/1.1 200
OK settings.css
ransomware.pl/assets/revolution/css/ 35 KB
8 KB 290ms
61ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/css/settings.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5f2c60cf23b7ffdce424ea0853322ba77e971fb0da0f88a7d2cfdefafd766f3d

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2015 08:53:02 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "8b78-5255995f91780-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7719

GET
H/1.1 200
OK layers.css
ransomware.pl/assets/revolution/css/ 100 KB
8 KB 307ms
64ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/css/layers.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0ab16e166be3148e6566d249b7b15b035163508d645de47e86eca26b4df0085c

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Nov 2015 10:01:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "18ee3-52582c4f63800-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7502

GET
H/1.1 200
OK navigation.css
ransomware.pl/assets/revolution/css/ 58 KB
8 KB 305ms
62ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/css/navigation.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ea132692052eff279b83e112d4f77f9ef37e6c88386032a2162931cf3f0e72e4

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 26 Oct 2015 04:43:48 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "e8af-522fa9b67e900-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8028

GET
H/1.1 200
OK bootstrap-select.css
ransomware.pl/assets/bootstrap-sl-1.12.1/ 8 KB
2 KB 309ms
64ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/bootstrap-sl-1.12.1/bootstrap-select.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8a85545635f451285bdc25c06313ad945bcf21ba26cb876d848ab133ee6e2736

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Dec 2016 10:31:04 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1e3d-544a159688a00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1652

GET
H/1.1 200
OK polyglot-language-switcher.css
ransomware.pl/assets/language-switcher/ 3 KB
1 KB 310ms
65ms Stylesheet
text/css 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/language-switcher/polyglot-language-switcher.css
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d980ed68664d9096f884a0e2957b638ce9c0766917cf9f1fb7b2a0dfc5e4e56f

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Content-Encoding: gzip
Last-Modified: Sat, 19 Nov 2016 05:54:56 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "b72-541a10fe8ac00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 886

GET
H/1.1 200
OK categories-bg.jpg
ransomware.pl/images/resources/ 297 KB
297 KB 67ms
58ms Image
image/jpeg 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/images/resources/categories-bg.jpg
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5e706492a58126e46d39531931a35eb9cf31a401a477d8b5fc6d659f1f3cc490

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Last-Modified: Wed, 21 Dec 2016 05:34:12 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "4a2fb-5442480aebd00"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 303867

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 141ms
43ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 25 Jun 2023 05:19:29 GMT
x-content-type-options: nosniff
age: 212485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jun 2024 05:19:29 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
ransomware.pl/fonts/ 65 KB
65 KB 68ms
57ms Font
font/woff2 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://ransomware.pl/css/font-awesome.min.css
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Last-Modified: Wed, 16 Dec 2015 10:19:24 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "10440-527013d830300"
Content-Type: font/woff2
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66624

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 152ms
54ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:58:23 GMT
x-content-type-options: nosniff
age: 249751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 18:58:23 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
47 KB 187ms
90ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 05:45:28 GMT
x-content-type-options: nosniff
age: 297326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 05:45:28 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 259ms
161ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:38:09 GMT
x-content-type-options: nosniff
age: 603765
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 16:38:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 223ms
129ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 22 Jun 2023 22:16:07 GMT
x-content-type-options: nosniff
age: 410687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jun 2024 22:16:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 247ms
155ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 16:38:05 GMT
x-content-type-options: nosniff
age: 603769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11824
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jun 2024 16:38:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 256ms
168ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 03:39:22 GMT
x-content-type-options: nosniff
age: 304892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 03:39:22 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v35/ 34 KB
34 KB 262ms
175ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

b153ed5268005996e0bf3f4aa64b436e0f1721c44122101441f683ca5f7763a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 15:47:35 GMT
x-content-type-options: nosniff
age: 261199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35184
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:11:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 15:47:35 GMT

GET
H/1.1 200
OK Flaticon.woff
ransomware.pl/fonts/flaticon/ 6 KB
7 KB 79ms
58ms Font
font/woff 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/fonts/flaticon/Flaticon.woff
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/fonts/flaticon/flaticon.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b3890858ae4043da2795aa5c770c54b215a20d8e30f650c96c68e2d693b8214b

Request headers

Referer: https://ransomware.pl/fonts/flaticon/flaticon.css
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:54 GMT
Last-Modified: Wed, 21 Dec 2016 04:19:14 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "19b8-544237494b480"
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6584

GET
H2 200 KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 11 KB
12 KB 233ms
149ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 22:40:08 GMT
x-content-type-options: nosniff
age: 236446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11756
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 22:40:08 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 12 KB
12 KB 189ms
116ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 24 Jun 2023 18:23:15 GMT
x-content-type-options: nosniff
age: 251859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jun 2024 18:23:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 147ms
43ms Script
text/javascript 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ransomware.pl
URL: https://ransomware.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 14:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6333
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 27 Jun 2023 16:35:22 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
2 KB 164ms
53ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: ransomware.pl
URL: https://ransomware.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

38799e533bce08a6747d6274ab753635675208a06b1077d372774d3378eedc87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 16:20:55 GMT
content-md5: FDoanO3Xqkn/Z7I8o2dmsA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2165
x-fb-debug: 0LngOIQO7YTms4cVE2kTZ2h12liKbyQesUcgZ3p8mXCO8qJnyuiwAiZhRXKoCmko24dsczFwJYLxN3Zk42A67Q==
x-fb-content-md5: 21ff5df5a3ecde5a5b4cb2126417b74c
cross-origin-opener-policy: same-origin-allow-popups
etag: "9bc04db2e26a0289840b1d4d213cede5"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 27 Jun 2023 16:34:15 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/pl_PL/ 3 KB
2 KB 162ms
51ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js

Requested by

Host: ransomware.pl
URL: https://ransomware.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

b34065462b7d60503022c224913e09c338aae7258e181e66e57ed11636eee27d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 16:20:55 GMT
content-md5: 44OvPZZKZSuiIARQGd9ruA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1683
x-fb-debug: B/uMCTz0xn1SAVibCBULNqQQbGVzHGPNU+3Og5EGHv8aPvBFqPC6fcNGiAxCHgLfztk8brYZZTq8MlD64nDbkQ==
x-fb-content-md5: db5930a98d73e7b742b11c7d372f0531
cross-origin-opener-policy: same-origin-allow-popups
etag: "dff3a3118f8b48aff0959f7bdb33dccd"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Tue, 27 Jun 2023 16:22:44 GMT

GET
H2 200 e3567b9c-71bb-4832-8078-1921ae80f745.js Show response
payload.containers.piwik.pro/ 221 KB
55 KB 169ms
61ms Script
application/javascript 20.79.102.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payload.containers.piwik.pro/e3567b9c-71bb-4832-8078-1921ae80f745.js

Requested by

Host: ransomware.pl
URL: https://ransomware.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.79.102.66 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a79022dd32ea8cbef21ad52d1055a5d7df0ded0d75dbf6a4111c42a519cb47f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
referrer-policy: origin
etag: W/"367eaf63720b5c71-8ed947b6f5a76fe2"
vary: Accept-Encoding, Accept-Encoding, Cookie
x-frame-options: sameorigin
content-type: application/javascript; charset=utf-8
cache-control: public, must-revalidate
x-robots-tag: none

GET
H/1.1 200
OK loader.gif
ransomware.pl/assets/revolution/assets/ 2 KB
3 KB 79ms
60ms Image
image/gif 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ransomware.pl/assets/revolution/assets/loader.gif
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/assets/revolution/css/settings.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/assets/revolution/css/settings.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 12 Jan 2015 05:20:50 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "9f1-50c6dab645080"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2545

GET
H/1.1 200
OK revicons.woff
ransomware.pl/assets/revolution/fonts/revicons/ 7 KB
8 KB 68ms
60ms Font
font/woff 167.235.242.21
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ransomware.pl/assets/revolution/fonts/revicons/revicons.woff?5510888
Requested by: Host: ransomware.pl
URL: https://ransomware.pl/assets/revolution/css/settings.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.235.242.21 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: payload.pl
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686

Request headers

Referer: https://ransomware.pl/assets/revolution/css/settings.css
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 27 Jun 2023 16:20:55 GMT
Last-Modified: Mon, 12 Jan 2015 05:20:52 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "1d70-50c6dab82d500"
Content-Type: font/woff
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7536

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
219 B 52ms
50ms XHR
text/plain 142.250.181.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=139197821&t=pageview&_s=1&dl=https%3A%2F%2Fransomware.pl%2F&ul=en-us&de=UTF-8&dt=Ransomware.pl%20-%20Polish%20Data%20Recovery%20Center&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=507289809&gjid=1386387593&cid=1212574710.1687882855&tid=UA-61875139-2&_gid=2127126448.1687882855&_r=1&_slc=1&z=2011938472

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

e031a0cc2732a103c5c9b619b51ec58c0bccfe398173861af12ef4f2be2e9407

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ransomware.pl/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 16:20:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ransomware.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/pl_PL/ 302 KB
85 KB 104ms
52ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/pl_PL/sdk.js?hash=e2680834baac4aea4aacd80cbae12bba

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

a1f81fe1ba4be284b6e4361e6492ecf832aac23e72a0302807085c7b83c4123c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ransomware.pl/
Origin: https://ransomware.pl
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 27 Jun 2023 16:20:55 GMT
content-md5: PPQyGeSaHphiFytiqr30xA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87425
x-fb-debug: Vq1w1r9yLvHWeB11mWBMsd4iQEsxrgju4gXWzS5CuEbsff2Jlf9hXmeAuLpYehS1qrnAJchCJyaLZn4m8Xg0Sg==
x-fb-content-md5: 133da07c39d9284d0244814dd1fb46df
cross-origin-opener-policy: same-origin-allow-popups
etag: "6eb53a3c607b31e9f0eaf5100ae30516"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 26 Jun 2024 15:33:32 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 164ms
51ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=398243400360784&ev=PixelInitialized&dl=https%3A%2F%2Fransomware.pl%2F&rl=&if=false&ts=1687882855265

Requested by

Host: ransomware.pl
URL: https://ransomware.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 27 Jun 2023 16:20:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
77 KB 165ms
59ms Script
application/javascript 142.250.74.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3JK2BMK9XJ&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.200 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

de01e33153b2fc38c17d259d411ce3c05fb3914dca28de7594eb3356828ef58d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:20:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Jun 2023 16:20:55 GMT

GET
H2 200 ppms.js Show response
payload.containers.piwik.pro/ 79 KB
27 KB 56ms
54ms Script
application/javascript 20.79.102.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://payload.containers.piwik.pro/ppms.js

Requested by

Host: ransomware.pl
URL: https://ransomware.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.79.102.66 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

38148a365eff1b335706eb3a448f1124a2edb4424d2b9a97261c2c7c4e3290e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:20:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15768000
last-modified: Tue, 13 Jun 2023 10:50:48 GMT
referrer-policy: origin
etag: W/"64884a08-13d26"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=21600
expires: Tue, 27 Jun 2023 22:20:55 GMT

POST
H2 202 ppms.php
payload.piwik.pro/ 0
0 158ms
50ms Ping
text/html 20.79.102.66
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://payload.piwik.pro/ppms.php
Requested by: Host: payload.containers.piwik.pro
URL: https://payload.containers.piwik.pro/ppms.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.79.102.66 Frankfurt am Main, Germany, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ransomware.pl/
accept-language: pl-PL,pl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 127ms
49ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3JK2BMK9XJ&gtm=45je36q0&_p=139197821&ul=en-us&sr=1600x1200&cid=1212574710.1687882855&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBA&ngs=1&_s=1&dl=https%3A%2F%2Fransomware.pl%2F&dt=Ransomware.pl%20-%20Polish%20Data%20Recovery%20Center&sid=1687882855&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3JK2BMK9XJ&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://ransomware.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Jun 2023 16:20:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ransomware.pl
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 like.php Show response
www.facebook.com/v2.3/plugins/ Frame 4CC6 59 KB
18 KB 397ms
396ms Document
text/html 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2683fb5a433ac8%26domain%3Dransomware.pl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fransomware.pl%252Ffd10d7fd255578%26relation%3Dparent.parent&container_width=237&href=https%3A%2F%2Fransomware.pl%2F&layout=button_count&locale=pl_PL&sdk=joey&share=true&show_faces=false&size=small

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/pl_PL/sdk.js?hash=e2680834baac4aea4aacd80cbae12bba

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

c00b431262563c94ac1f4581b1d954c2ec5c62d78474ed9789c3b335a79ec600

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ransomware.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: pl-PL,pl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 27 Jun 2023 16:20:56 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v11.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 7x6w7jzt2pZ6Eugl9K8Xq6EQOCFgizNbnUMLwGmOZWwm9qXfbkr733o9DCyg7iNeho4sRDpg5fM1fmGzGDvYWw==
x-xss-protection: 0

GET
H2 200 FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 4CC6 299 B
548 B 51ms
50ms Image
image/png 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2683fb5a433ac8%26domain%3Dransomware.pl%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fransomware.pl%252Ffd10d7fd255578%26relation%3Dparent.parent&container_width=237&href=https%3A%2F%2Fransomware.pl%2F&layout=button_count&locale=pl_PL&sdk=joey&share=true&show_faces=false&size=small

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:20:56 GMT
x-content-type-options: nosniff
content-md5: OIlAxCmR79nrM/Ez4ygGlg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 299
x-fb-debug: ic88XuOJtGkNz7JR1RYJ+/0Or9Cd3Jkxw8ha1Zq5u8+20e7YKcz26wkrACXrlssewZLN8ZIzbvgz7Ibtpl2jUQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Thu, 20 Jun 2024 22:19:58 GMT

GET
H2 200 UQEWgAUyr7Z.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7Kf4/yS/l/pl_PL/ Frame 4CC6 517 KB
134 KB 154ms
51ms XHR
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7Kf4/yS/l/pl_PL/UQEWgAUyr7Z.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

2c967cb0e2351b0ec9af57d928d7ecf40b871dc993fb0600d194f43875f0c963

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: pl-PL,pl;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 16:20:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Envk8nMuQp3vjn1WGGXrQQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 136657
x-fb-debug: XcYlBC/axp7fx4h/IG0AG+4l+GAjaWpUBS/9wD/N33Q77OoZ14uqwBruKk/iEvRcAGzTDYsD+QFYlGPkvDL6zw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Wed, 26 Jun 2024 03:19:08 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ransomware.pl/	1970-01-20 21:36:58	Name: cb-enabled Value: enabled
.ransomware.pl/	1970-01-20 22:27:22	Name: _ga Value: GA1.2.1212574710.1687882855
.ransomware.pl/	1970-01-20 12:52:49	Name: _gid Value: GA1.2.2127126448.1687882855
.ransomware.pl/	1970-01-20 12:51:22	Name: _gat Value: 1
ransomware.pl/	1970-01-20 12:51:24	Name: stg_traffic_source_priority Value: 1
ransomware.pl/	1970-01-20 22:17:18	Name: _pk_id.e3567b9c-71bb-4832-8078-1921ae80f745.7fb6 Value: 3c89820632dda8d5.1687882855.1.1687882855.1687882855.
ransomware.pl/	1970-01-20 12:51:24	Name: _pk_ses.e3567b9c-71bb-4832-8078-1921ae80f745.7fb6 Value: *
.ransomware.pl/	1970-01-20 22:27:22	Name: _ga_3JK2BMK9XJ Value: GS1.2.1687882855.1.0.1687882855.0.0.0
ransomware.pl/	1970-01-20 21:36:58	Name: stg_last_interaction Value: Tue%2C%2027%20Jun%202023%2016:20:56%20GMT
ransomware.pl/	1970-01-20 21:36:58	Name: stg_returning_visitor Value: Tue%2C%2027%20Jun%202023%2016:20:56%20GMT

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
payload.containers.piwik.pro
payload.piwik.pro
ransomware.pl
region1.google-analytics.com
static.xx.fbcdn.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
142.250.181.238
142.250.186.35
142.250.186.74
142.250.74.200
157.240.251.9
157.240.253.35
167.235.242.21
20.79.102.66
216.239.32.36
01ab066ac9e46d2cf6350f1cee4aab2fce81235c59595ce17d0bf6bf6d052bb2
03c970ea4c3f6d574182c00962623dc0f6f09232f52ca327cdaea24e6ebd71fe
042f7b4e2b5d289f0c2c4dd00c773e846c021ca7806883cca35a3f73070797b0
0622a340d9ce5483d12655dc8b9e0a04e708339704173db3f5adbe679ea302ba
067f90c698566d0d3c7d828a8d90f7236a109ae011f6efafe76b92ab02050d89
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
099b5a32356628a6fe89ec6839b8ce2e2fdbd828c3b8e017448880c44fba25af
0ab16e166be3148e6566d249b7b15b035163508d645de47e86eca26b4df0085c
0d32d73da06a975a2a369f8d38d7eb3cb0d5527a8b640eb0cd038bdc0528615c
10a5dcd6b838d70cdaa4a61ff196e19b8adda50f7a3dd0e1de3b1725a2dba816
163af638ea76633ba4b594c907cfd6baa6226770eaa99a2a91f0dce644350aa9
16578d91e7834356bdab9bc22e81ea0d3703731f32b13b8644603bd6ae872e2a
194f5a56ab7bbb138647b4228ccbc5462b9b5e2a5b7afba4c4079b6808555a10
1be10587f37bc75439dfbf5f48214cf6bd4aba0b2dcff39159ea12642474a0d0
1d638248f0b343ca46bba0aadd5dae169bbae6ba52e2054ff24d2404d7146d3b
1d90d8acaf8e945cbe6301f571086a38f216bd9c161fa975fea3c75b6f8d3662
2261bd9432f6e525f51adda3d46fdcd806984c17bc5b6125a2966789add14e15
2275f5912b625f866b09e38923e81105b9c25595dafd1142718cc22636b0e0d9
22e59e77c6ffb9606d52ad5d9c1c204b482c7fa6ee9f86c7b0d24ec16585e7d6
24db18ce2f84de05c5d1699844639e31b7e1765ad91c1658ff13a5875f7160f8
2647bcc9e11f9491bf329d5eecf09eaec7757f04eadf1e0d6398e8b5887f070a
272bfa13f9302434e4791cd822429f7a93278a2897817732aeaf2a2a3f64ba72
2781e9e7c3f369b8fc7965e679b17b60b5b11eaae5da1e5045107bbdd9d568f0
29576d5fb218f47d83e6f362b5a453e2d3f71afcdcc8bdbae6409493e4df5d7e
297f10b415968f32ba96155e689b02d5a969ea0a2c11fc3323906eea32f559da
2aeb19c0153eb1ece80060d8a72a2334c3525b37e1c49cd1b5fcdba07f5ea755
2b2dcc10b9dc84f5c7621cfecdefa5843fa223f6b303e770cd717f1202384df7
2beef56f943cd5a4219ffa68183a1a5a5c1e0a1e3fb9e64d2dfcc68de258eec3
2c967cb0e2351b0ec9af57d928d7ecf40b871dc993fb0600d194f43875f0c963
2d288fd628e1f675a3aff2b61c0a6e01da37f5f86644a711123aaa2bafa9ca0f
2ece1ce88d0c0ee1733e95c7bab6fc3795dc0fefc8e09027c67302d621479b47
2f6728e4e86d7e94258096758a335bfc31e1c5f18de79ddc511709a5b17fda2b
36011baa324393c9ce8adb5c361ecc0c81f40467d3674c9d7a2be12dddaa1c17
37f54cc01ebb6ebf3588137d58ac15bbb0fa334da989c6bee4e9ecea99fd76a4
38148a365eff1b335706eb3a448f1124a2edb4424d2b9a97261c2c7c4e3290e2
3824730ade9891ae29ba5ffa9885217fdbc27c047d470f41078e0029bde9bd70
38799e533bce08a6747d6274ab753635675208a06b1077d372774d3378eedc87
3add9ff7a05c03ea0fd691d30b143b532a9cd2baf3f47950484f6bdeafb21137
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575
4432feb09cc70778efc2327674c98e858a4aea9f3394ddaa4675f0ad450427c7
46a281a1408249d6cfd6f5e2bd7db6ba8c45e74b51c15d8a2a68d02a4df7f82c
46c364468eac164a057f562fe16953c54cb79245e9d6ed1e2ec605483fc09304
4724bbe13a836017dbe5dec9e60114b2c202b04ef4a27a277ca21edc9273ecd3
47ec7ea65620c8be7945819dd593916a9c7c892e727e645c2990819c414ff31c
48c148e5ac041c341c3905e88145daea97a5b3db7b43d30da963fcfe59503589
48c4f48e82e91a2ee301dfdeb2dc2c8d96b792eba06c467488a4731a9cdd29b4
4900351804961ce96fff6517fb9d09e63b143c29d3f2bfa3efeb319e1c747718
49f209ad858a67f0a90be769a67fbd0027916f9a63b13f96bf34bb43baad5b4a
4b06255fd9d0b995d6af5cd69cbfb7025c7c64d82b06af78d0e6aed520bdf4ba
4d9639da0330ff7b0b52f87df53cba3b1f593c54365667f187668bb7b2bc305e
4e3ce54f49342ba7be93e5c39eab191f882c71168125025563966512c041f402
4f6296e444d107bfb62fe165b3ea638ee10a603193cfd87e78d80bd3e289f57b
4f811fc19c67d51cc0c0fa6db44f0185d7e646210f18e1586356ceb53fcdcb11
4fa72a8e292674529c8c0fdc8b0ccb7974e214d83e862316e91743ed7453b1c6
5039f3a6e9dc5769a5a549d8cb447deaf41b1996845d801d4061b98dbe2182b7
5101078d3b655e522e673dd24376220d3b7314e0ce09e71cc6e50051a6c12e6c
518709d5211082b7eaad885b0af029879b541047ca168fe8939c58faa479c78e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
557bf5a32d3652744f1ff53265ba27bd8ea1fbf0a666e87fe5146be7c306ea6c
55cf1dbaf9ae34863df6756fdba5d4bb4c95e5a161e3ce2b443bf78e9cf8209a
560869e861e2bc3ef27b70181a49f1767380e1731627b7886a24dd9cd4a54d3f
57542284bb28199b225f20766d2823edec53a4f96b3d7b8fa935b811142619f4
5798d60f250df2a2b531011e1f77c7726d8cae1f7edc46939e6d74bbfd67102f
57ee79a075988022dbba194641b8ac15c9fdd7ca903fbdec2393426b782dd03a
5d9948871b14b1b87abdb4b7f1fb40815f3dd6b0da8fe1049473cb4b413e3010
5e706492a58126e46d39531931a35eb9cf31a401a477d8b5fc6d659f1f3cc490
5f2c60cf23b7ffdce424ea0853322ba77e971fb0da0f88a7d2cfdefafd766f3d
606b1eb6cc280faaae1422856955112606541562380ab9a40f5121e2611be891
60db219ea6b7b1dc8c88ecd200903275cc80ceaaf90a779cbe3c48ee15132226
65800a729f583f1366785a9890e856396f4563f7b1b2d3b8ea4e275950a65d5e
65aa02cae25114e3ee163d509586827435930dba0eabca2dd059c3961a28d189
6eeae6b2e8b618cfd938ad2c054bd11e27c4d0914a99c606cb600ef4e6279cdc
70225c8f003d2557ac84a953b4c5e33062a3f7953fc1c2aec55fa47ae3b1b123
744228ff00e5a7d6a0934a291e0386618899afbfae14fa0252dab9de7349eb89
744835aa963019d01ae30880ab933c594fcdfc586c1e568bbec95be8afeda0b9
75ae022c6e095b9e19e39b29568278086df84bccb97dd9015ea2eee4d521cb45
76ebd45640122ea81ec039c615a7a214a6e140ee26534231125518c87ddcf81e
7722eb69e500cd417ad68004ff568351d3d47faee948468c311a8dd3cf7a770d
7a481217cb673a6b9c197e340bc6304728c430d5ee711271a6464b541e0e4483
7b747c28dbc530303016e0e6c102c07a7aa3ed4b4bcc4ffe70276a7c0febee39
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7e09ecd62324b18146ce23420fca5a5ac27cd88d0f843ae975243e93d58637e5
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f1c829b0c90fd664a03bb714a74f7d35d9e38ee1687104abc8ad5bd9c8ccb6c
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
84db9f0855d24f9a7dfba9315d4744be666fd9514752c18d85945bf6cd7202a2
85df19230dee5023ee0992b6ccfd192513cb4d9ccffa90ccfd6fe23c19085d18
88b7bb3616903293b098dd1209d6cf82c81190c2bc655510688153e9871934c4
88c7f211a568aee2d12fdfbe37b487dc32f5bb25d95135808600acda5826614c
8950f2c49603c83bdac275a679e06e9f8938bc564198bb39c195014033bf4e94
8a85545635f451285bdc25c06313ad945bcf21ba26cb876d848ab133ee6e2736
8d5ad3c7f7f2ffbcf18f6a25b01a4cb94992168af5100f8f0a05c09f9800d889
8f3c48bdb2a714f3ab6737935009e39f8c07aaacaafe928efbafe812a5fb41ac
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
925dff987ca733064fdc994aa05aba0157b423f6ca594d0cd986712183b0f851
9612a964003c294bc9e9909ee31eebc0344ddbfbc09420e376a1235f06702696
990cb2cd5d06444fe18e91d06b54c8578f29ab2187e77fb76496cf76a64010f8
9a0cb29c9dbc895dc0b77ff446f6f7e10df6f9a2302327b4fba52c77c546a0e4
9a5b90d30ac02c1713f8c4f77610f22e2e70fd4883324e553c1cfda527096ca5
9b34f57820a9c50ab5139983581c60d7382a6754d2e407a951acb090556c992d
9c4ec5db6740e4fd1bd3e45bbe6d21123cff2c4657feaf585b3b21fe00df53f0
9d50ff9eb95bff0004a8a26fe25e9681671b3356b5a9a0bf1b6f0d6eae0d1d12
9e1a043dcceb521ef2773506220afb68bf366e2bcf048dd8efca38e98827b7c4
9e53fa51c6b430f0da9bc997d73f64584b56e7e0a3ac0b4eac1202ce3ec6bfc5
9f2346b992a9bf57ac45a54bacf914941d89b68daeccb9deace09bd02411d0cd
a14b46fef9dccd7dd3b6c8e6a7e19e32438d474713e8ef8927629e30b4142ace
a1f81fe1ba4be284b6e4361e6492ecf832aac23e72a0302807085c7b83c4123c
a24274c6376cf0e0b147381c07edd272d680601bae61743a32160d612875be81
a4bed3982e81ba49c2f01e5d7a210011d652090f2e563b19ab66455974ed4736
a6f9990dbc0f0cb595fddf47ef359eb3299fe1c5256fd85a9ddcfb9054de8e7b
a79022dd32ea8cbef21ad52d1055a5d7df0ded0d75dbf6a4111c42a519cb47f8
a7b4cb3db2cf3d417e8e69528fde70b5ed09686cbf54cb06e5dd993dfa452670
ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0e3aa49a4b8c073551a63f973fbd5000a23d17a5af3cf07e2ea30edec7bd9d5
b153ed5268005996e0bf3f4aa64b436e0f1721c44122101441f683ca5f7763a6
b34065462b7d60503022c224913e09c338aae7258e181e66e57ed11636eee27d
b3890858ae4043da2795aa5c770c54b215a20d8e30f650c96c68e2d693b8214b
b420a9e96daf8d32b09ab828c953076abfb046f1a4360608437293bcddc83c18
b464b1036ed3304bbc037ab8c5990d59061ff934967e58f5fecb98998238f50a
b577d7465c784e6fbd140306a8fe1aab4b1fcd64db72792f2917b288f7201e2c
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
bbeff172da178352b52b17bf4d275db6a08f1cd0b07040a9bbecf9d0d9a828d7
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bcb8b3f7d98c81505fa09c24cd58f318c1cb046d787b7a0f5810ae524ea495e7
c00b431262563c94ac1f4581b1d954c2ec5c62d78474ed9789c3b335a79ec600
c0b1950c24f059ab7fe9c2f6321dcf8b8148b01156e09f8424982c4bcf5a1d21
c2ab861a67bf3082ca822515cf58f038ef26ac8a045334d05f5963c1595ff857
c350fa4a0da7403eccfc32600fe6b3d7beb5b590c53293b8f69bf68df6e43bea
c52f94386e6fb8ce56d01340f475727ebaa99bbda6b1c5225957c77b2fd86bed
c63be02717683d2efdc8c887d77d289092a50b7d51210e87033045ea2b7c9eed
c6bf82f42be4aebc51833686acae849881c4246e32b6ac0da024d97c02cdef4f
c6f961290c57a11443a705f0c49b2a5374a148272a3f4f79e2961315f6339ee2
c6f97e84f8cd9ac8c18ebd43f90decc8ce54c6bba747463f38256f8ab5ef6418
c748e7b82a140653ae2d854ff76d7cfa40fa1242f656ee08e93bf8d05ac82602
c770b5c9a93803b76179f741d98ded894b826d3cec688b57e312e62f45f8bf15
ca89234b9b45dfaa22b430e0783f2a42b0e749c03053c7f69828cae157e1d08e
ce2341af34153f675f680dc591fb85237702688557d2dc09143b2f707d024fd6
d2373378d19cc2477eeeee4f88cc63ef3f982bd7d92f37d595287a1d6a4ffa3a
d5354ecc4e4e73ad1e939d16f92e5db7b110f9dac18314d78ca5b47fb461d825
d612214a5a30838bea68567f6e290f31f106c1280cd05b48b3b9b1d4f0031c29
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d73e3cbe5d0ca7fc2c9fd69d9e3a137fcb03bf0bbb7b5f31541a40984e751543
d7d4334b43cb324c2c19f523bdb74a1ff2e7b828b669a76b71e97d81a606f78e
d81f13cc878d1c9d97f8c69dc5aadd1e54fb77897a32e1dba8f3154b1f4e6047
d980ed68664d9096f884a0e2957b638ce9c0766917cf9f1fb7b2a0dfc5e4e56f
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
de01e33153b2fc38c17d259d411ce3c05fb3914dca28de7594eb3356828ef58d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df136d6462968b36a84f1e44b06e037a2a165f3f5655fcee92afb2a7f6ae98e3
e031a0cc2732a103c5c9b619b51ec58c0bccfe398173861af12ef4f2be2e9407
e0686445a95fa043ed2cdf6b66846189d0048148e116188e3bf3abeda649f622
e399d8b739951201899777df0fcca4624f3cd19406e488e172b691908f675d31
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c4639f7bbe20142c85f7103efa90c90155fc0bc98dea12a115d903c38ecff7
e65c28535add6ccc255596d00bc3584a94f4dd18918fa1b4b44c497aa7f8593b
e6e40fa26713134203caed2e8d9362a8c75f5c337f02e25e00723a258eef66ea
ea132692052eff279b83e112d4f77f9ef37e6c88386032a2162931cf3f0e72e4
ea40d450aba1b968363c725912b035222155046a64acc60f14829a3e53e2006c
eab1977fa71640e335e89de2fff701d073e9617692136ea0abc4363e02e5b478
eb0eac11d4469d53fd027bd46e1542956964072d29b0014009a89a78c4fbb312
eb5b234d3362e581126e2b339e7d40a06e6d693ede0cf770f9e28c6e4eab5f5a
eb7ccdc502d7b011f69b0c7ea745abade2a50a2d3974d9a22b2a64d09adc3b8e
eed02cba44c41a3cc05f567d4ac609dbaa9877c92b5ad0ca76eb4c17bf9ebb4a
f301fb70a8cb55df8ae0ce8b82d1fdc77e759a124ddc1531edac72183ba144a7
f3f198bd3505f9244df739ccddc4fece7a3036aa9f268548f49364e9a5d3060c
f3f96161d642558a8c6b61d48165ae6f59758010ba634b9a0182c05c08c6246d
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5e40bf5eb84cf9793e143cca1296d343a2f08463074c7ba621e48cc435910e3
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ad13c5998b9c35694384d3b8a11b680a6f645e59fab0d9d704a1ec95795736
f756ddc0418dc49ca245927cd8c577c3c304af79182efc65d5ecbf8e77a690ca
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
f995db2d9eec30f4e0b2d72572165f382459ab825d4819a091c1cce5640f2ec4
f9c5d7f4f45e782f726d815400ba9e8a33355f2f231f9f6d20db0903ddada98d
fa5cfd7e6844e92acad311257288780bf680e6ad61167ad7f90eb17a9f47dd27
fa77538239ff2758ff9fa8ef646cad3e9ca818dd13fbf15ff3ca8a8bee173c69
fc66f942651a9fe1a598770d3d896529dcd7a03d02f40655451513093103e61b
fe4e5d4d4f0e1b9904c98cbb7711983fc593380683492756e21c2325e72b6dad
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

ransomware.pl Open in urlscan Pro 167.235.242.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

100 %HTTPS

0 %IPv6

9 Domains

11 Subdomains

9 IPs

2 Countries

3146 kBTransfer

5923 kBSize

10 Cookies

1 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ransomware.pl Open in urlscan Pro
167.235.242.21 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

100 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

9
IPs

2
Countries

3146 kB
Transfer

5923 kB
Size

10
Cookies

184 HTTP transactions
0 data transactions