fastfire
commented
9 months ago I get a 403.
Closed nu11pointer closed 9 months ago
fastfire
commented
9 months ago I get a 403.
nu11pointer
commented
9 months ago You get a 403 on the root page. But that domain, if used with the format I specified, will give you the files from the leaks. If you access the main domain from RansomEXX and download a leak, you'll see it comes from this domain I specified.
fastfire
commented
9 months ago Thank you @fssecur3
This is the domain RansomEXX uses to make the leaks available for download.
Format:
http://zubllg7o774lgc4rdxmfcfpjewfkqa7ml7gxwl5fetogc7hbkvaprhid.onion/<leak hash>/<file>