URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Submission: On November 12 via manual from US

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 71 HTTP transactions.
The main IP is 185.244.217.73, located in Dronten, Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, UA. The main domain is hvcep.ybsfdownsee.info.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

Requests  Redirects  IP Address        AS Autonomous System
42                   185.244.217.73    204601 (ON-LINE-D...)
1                    104.155.200.82    15169 (GOOGLE)
1                    2606:4700:30:...  13335 (CLOUDFLAR...)
14                   217.182.203.50    16276 (OVH)
3                    2a00:1450:400...  15169 (GOOGLE)
3                    217.69.133.145    47764 (MAILRU-AS...)
4         1          2a02:6b8::1:119   13238 (YANDEX)
2         1          88.212.201.204    39134 (UNITEDNET)
3                    2a00:1450:400...  15169 (GOOGLE)
Total: 71 requests, 9 IPs

Requests  Domain / Subdomains  Transfer
42        ybsfdownsee.info     571 KB
14        pokemongo-go.ru      419 KB
6         gstatic.com          73 KB
4         yandex.ru            94 KB
3         mail.ru              9 KB
2         yadro.ru             1010 B
1         webgringo.ru         14 KB
1         gogofinder.com.tw    182 KB
Total: 71 requests, 8 domains

Requests  Redirects  Domain                  Requested by
42                   hvcep.ybsfdownsee.info  hvcep.ybsfdownsee.info
14                   pokemongo-go.ru         hvcep.ybsfdownsee.info
5                    fonts.gstatic.com       hvcep.ybsfdownsee.info
4         1          mc.yandex.ru            hvcep.ybsfdownsee.info
3                    top-fwz1.mail.ru        hvcep.ybsfdownsee.info, top-fwz1.mail.ru
2         1          counter.yadro.ru        hvcep.ybsfdownsee.info
1                    www.gstatic.com         top-fwz1.mail.ru
1                    webgringo.ru            hvcep.ybsfdownsee.info
1                    www.gogofinder.com.tw   hvcep.ybsfdownsee.info
Total: 71 requests, 9 subdomains

This site contains links to these domains.

Domain
www.liveinternet.ru

Subject        Issuer                                               Validity                 Valid
mc.yandex.ru   Yandex CA                                            2019-09-23 - 2020-09-22  a year
*.mail.ru      GlobalSign Organization Validation CA - SHA256 - G2  2019-01-18 - 2021-01-18  2 years
*.google.com   GTS CA 1O1                                           2019-10-16 - 2020-01-08  3 months

Detected technologies

Web
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Web
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i


71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set arvest-data-leak.aspx
/blog
37 KB
38 KB
Document
General
Full URL
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 / PHP/7.1.22
Resource Hash
55e5cbbd9f5fb1090c60cf476268d49efa6c54c790b58881ac220fded296342e

Request headers

Host
hvcep.ybsfdownsee.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.0
Date
Tue, 12 Nov 2019 16:14:30 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.1.22
Set-Cookie
marker=02288c4444148b522b2786ae24942065da5e579e; expires=Sat, 11-Jan-2020 16:14:30 GMT; Max-Age=5184000; path=.aspx
id=89edd985d3359329274111bfece56ee5; expires=Sat, 11-Jan-2020 16:14:30 GMT; Max-Age=5184000; path=.aspx
qwerty=0; expires=Tue, 12-Nov-2019 17:14:30 GMT; Max-Age=3600; path=/
css.css
/templates/theme7
2 KB
2 KB
Stylesheet
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/css.css
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
597a5c80aad846e7f8c58618db309856ad1007124399b9d53c7535f550250e9d

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-851"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2129
00ba95c9f5889579c42449c9bf698229.css
/templates/theme7
21 KB
21 KB
Stylesheet
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
d5680d59080f80143ab3b553aac4c1bccf542ebdcba9b23d8585678b6e0ffbe1

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-5397"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21399
pokemon-russia.png
/templates/theme7
28 KB
29 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-russia.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
50c8e0ec0aa0df594be47cfe4f9df6996960dee8df18eed18543f775aa5520a5

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-71e0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29152
pikachu.gif
/templates/theme7
25 KB
25 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pikachu.gif
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
e054e41f454ae020be13f213a4b76f2441d65de61cdf9fd25ea721a6bdb4ab32

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-62f5"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25333
pokemongo-vk.png
/templates/theme7
930 B
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-vk.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
8c7402b25cd775c2a97afa98fb9096afafda07b858ff6bd17917039764c05bee

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-3a2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
930
pokemongo-facebook.png
/templates/theme7
777 B
1015 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-facebook.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
a3581bfec3de5b95af9d538899eebbd7030c0378bee2b6389bd5aaa86361f803

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-309"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
777
pokemongo-twitter.png
/templates/theme7
822 B
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-twitter.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
6eec744deec67c7e4a8dfdcff71f88485c10dcfc7085f539bfe8e7383e8d70af

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-336"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
822
pokemongo-instagram.png
/templates/theme7
2 KB
2 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-instagram.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
fb33b0369ddb01a73cafa41bd0e17b08528977a16cd41cf0a4bbd100c5d269df

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-61c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1564
pokemongo-google-plus.png
/templates/theme7
870 B
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-google-plus.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
b2968fbf3502e7c99c31936da119e5e1d0f5c92e9b07f281957802efdf29843b

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-366"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
870
pokemongo-rss.png
/templates/theme7
1 KB
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-rss.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
43e8bb7493f32f620c2da7c83c5cab1d1a21342366e8465eec84139b881ac14c

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-427"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1063
pokemon-smartphone.png
/templates/theme7
52 KB
52 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-smartphone.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
349d145a4a5e3adea6457a4c8c26385192ce242dded0f09267848dd1f74c6434

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-ce0c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52748
views.png
/templates/theme7
141 B
378 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/views.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
13a848ce06543b52c8f733911f5dba000c83e279538bb66b670dc38ab36870dc

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:16 GMT
Server
nginx/1.14.0
ETag
"5d386d58-8d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
141
1372214534wXRLwg6b.jpg
www.gogofinder.com.tw/books/pida/1/s
181 KB
182 KB
Image
General
Full URL
http://www.gogofinder.com.tw/books/pida/1/s/1372214534wXRLwg6b.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
104.155.200.82 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
82.200.155.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
77f457750504ca1b9c40bb84762cff84f8a84f31245b8ddd661dcb231bb7a794
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 Jun 2013 02:40:20 GMT
Server
Apache
ETag
"34f535f-2d591-4e005910f4d00"
Strict-Transport-Security
max-age=631138519; includeSubDomains
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
185745
x-xss-protection
1; mode=block
vk.png
/templates/theme7
213 B
450 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/vk.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
d2411fa1e7f6d6ab9ad16e976402f8ddc58e6454cfc31f80f42475aef2c5daaa

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-d5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
213
fb.png
/templates/theme7
198 B
435 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/fb.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
1977e06ea4c903abe171c97aa488c3acf6c9d7c84660b668728e04bf9c7bbb9e

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-c6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198
tw.png
/templates/theme7
305 B
543 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/tw.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
ebb4153e1522fdd1fd2a602d40a75a17eb2461298adb755afa45423ed55ce223

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-131"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
305
mm.png
/templates/theme7
312 B
550 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/mm.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
21cd8ae20dab28500a9f8123943f37ba2cccf2b04c5c5338ace45dd13f3a7b9d

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-138"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
312
od.png
/templates/theme7
284 B
522 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/od.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
93ab01bd4b9756501f309fd16be25a299b61c4c81a3204031fe319105890bc7e

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-11c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
284
brght.png
/templates/theme7
1 KB
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/brght.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
0bbb11fc9f19e93ace2c4779595f631f89c51b74eacba2dea6ce1cee5cab1571

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-4da"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1242
bleft.png
/templates/theme7
1 KB
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/bleft.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
166e008b231c0d454bb4c7ce017740a51776808f9a4d799be78951386d83bd74

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-4fc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1276
pokemon-go-lap-220x140.jpg
/templates/theme7
10 KB
10 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-lap-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
c3e45cc1995a51ab6b234700d1911f5b6cd65e12cc837c8e251c5ba759035811

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-27fc"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10236
pokemon-go-domen-220x140.jpg
/templates/theme7
12 KB
12 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-domen-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
45aab5ed90ee99efb1e5841c63104ba9cfcc365320ce976e6f01e058eb30bbee

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-2eb6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11958
pokemon-go-vyletaet-ekran-220x140.jpg
/templates/theme7
8 KB
8 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-vyletaet-ekran-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
d2261a88cc06cb20c7cf90efe6dc912a97d0c44842a2fe1c3f2ee0ddf47d5b6d

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-20b3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8371
143.png
/templates/theme7
9 KB
9 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/143.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
87f1f192b584ae14c223aa13d95601c7b451895ffa814274dfc2b60c6780b87e

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-22c7"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8903
pokemon-go-cp-kalkulator-220x140.jpg
/templates/theme7
9 KB
9 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-cp-kalkulator-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
4ff693b6d136978bcc3a7bad9ac0497ae693b138d5594435cfd6a80a38ef5ae3

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-2248"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8776
pokemon-go-komandy-220x140.jpg
/templates/theme7
8 KB
8 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-komandy-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
43f5e482c1abe5b5f81619dd5adf432ed015b8124b1b838dab5ae424ea8ce45b

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-20bf"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8383
code.js?d=gjtdu5deomstemzzgq&public=1&ref=&title=Arvest%20data%20leak
webgringo.ru
84 KB
14 KB
Script
General
Full URL
http://webgringo.ru/code.js?d=gjtdu5deomstemzzgq&public=1&ref=&title=Arvest%20data%20leak
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45-0+deb7u14
Resource Hash
19d3432349ff0c7b5b3956f4eaa3ea7c14da73581bd6e5dd761823039f8b9e58

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
5349cc9f7903cbc8-VIE
bg.jpg
pokemongo-go.ru/img
954 B
1 KB
Image
General
Full URL
http://pokemongo-go.ru/img/bg.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
53ccbc3b24d5bbf9a78e130fad7046c5cf0941ec9a7753d8b0f570451bf46282

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-3ba"
Content-Type
image/jpeg
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
954
head.png
pokemongo-go.ru/img
97 KB
97 KB
Image
General
Full URL
http://pokemongo-go.ru/img/head.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
0e3eccb30a69416eed735e3080da56626e068eb8b32e264bb7737ced8e4c94c6

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-1822c"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98860
forums2.php?key=arvest+data+leak
32 KB
33 KB
Document
General
Full URL
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 / PHP/7.1.22
Resource Hash
3d37d0f9635baef822ff39d323c722d1ec249abdf095d0cd99f4df4e5968ab66

Request headers

Host
hvcep.ybsfdownsee.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Accept-Encoding
gzip, deflate
Cookie
qwerty=0

Response headers

Server
nginx/1.14.0
Date
Tue, 12 Nov 2019 16:14:30 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.1.22
mlug.png
pokemongo-go.ru/img
103 B
357 B
Image
General
Full URL
http://pokemongo-go.ru/img/mlug.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
1c330d2a04c208e4a814de540c8f7046e8add00ede7cbce8b5945d8514e6aa19

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-67"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103
slusov.png
pokemongo-go.ru/img
116 B
370 B
Image
General
Full URL
http://pokemongo-go.ru/img/slusov.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
d04af9f5dbd68913a3f6b38b9b19b4e0df101324cc96af9978fc87a963bb4ec7

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-74"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
116
strela.png
pokemongo-go.ru/img
88 B
341 B
Image
General
Full URL
http://pokemongo-go.ru/img/strela.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
1e2c1bf6583cacc524c6fcaea6dcdb8308ae20c20b2b0e031ce5c4beba21b0ef

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-58"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88
men2sep.png
pokemongo-go.ru/img
124 B
378 B
Image
General
Full URL
http://pokemongo-go.ru/img/men2sep.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
bc413dcdd5261a8f4fa5695fcac94913fb504dce4fea7f13f44b42a02799d2a0

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-7c"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
124
mlug2.png
pokemongo-go.ru/img
100 B
354 B
Image
General
Full URL
http://pokemongo-go.ru/img/mlug2.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
eb817d4d75b3396319463cdb7fa54d904ca145bfb14647e6314db7520db44164

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-64"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100
cit.png
pokemongo-go.ru/img
89 B
342 B
Image
General
Full URL
http://pokemongo-go.ru/img/cit.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
84425d9b7ff008939ad0298fc0ee2a816bc7a4ade7ee5cd13187327bae663445

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-59"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89
bul.png
pokemongo-go.ru/img
87 B
340 B
Image
General
Full URL
http://pokemongo-go.ru/img/bul.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
190bc32e894a450fccbd49195e2e69072a2972a99b7125be78992cf22b6c2a0f

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-57"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87
metki.jpg
pokemongo-go.ru/img
389 B
645 B
Image
General
Full URL
http://pokemongo-go.ru/img/metki.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
14f483dc2a8f5537d297f7eaad2466fc96f0201cb9fe0057e6c3ebb2f687d274

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-185"
Content-Type
image/jpeg
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
389
pokeball.png
pokemongo-go.ru/img
17 KB
17 KB
Image
General
Full URL
http://pokemongo-go.ru/img/pokeball.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
efce01381b060f96c55182d98c9f07219f075a2b9f2bbf1819929d08f78e81e4

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-447a"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17530
bgrandom.jpg
pokemongo-go.ru/img
3 KB
3 KB
Image
General
Full URL
http://pokemongo-go.ru/img/bgrandom.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
10b968a89dca2181a89a67768501169d3ea623a38ee34ef2c51002521e786cd9

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Mon, 18 Jul 2016 03:15:37 GMT
Server
nginx
ETag
"578c49d9-cc1"
Content-Type
image/jpeg
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3265
arrow.png
pokemongo-go.ru/img
1 KB
1 KB
Image
General
Full URL
http://pokemongo-go.ru/img/arrow.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
9f88c0f2c1952525d0f476c45d99df76f930dc17943b42c93a19f0a4bb0ffee7

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Mon, 18 Jul 2016 12:30:43 GMT
Server
nginx
ETag
"578ccbf3-42c"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1068
footerp.png
pokemongo-go.ru/img
296 KB
296 KB
Image
General
Full URL
http://pokemongo-go.ru/img/footerp.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
04f94fdfbbf2a2cb0b258b49c35e4253188182b3ed45016c95724da6a37ac0dc

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-49f0c"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
302860
rZj40-VH1f1Wt0yg6Fkbcw.woff2
fonts.gstatic.com/s/cuprum/v7
17 KB
17 KB
Font
General
Full URL
http://fonts.gstatic.com/s/cuprum/v7/rZj40-VH1f1Wt0yg6Fkbcw.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c92cd6f29e0a977a447bf4dbda2d1ccf31e15c055ef965eddc4c8f2c88768f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/templates/theme7/css.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Thu, 31 Oct 2019 07:18:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Aug 2014 18:20:43 GMT
Server
sffe
Age
1068933
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
16936
X-XSS-Protection
0
Expires
Fri, 30 Oct 2020 07:18:57 GMT
gJovVCIsuVHpE7lUT-5TYfesZW2xOQ-xsNqO47m55DA.woff2
fonts.gstatic.com/s/cuprum/v7
10 KB
11 KB
Font
General
Full URL
http://fonts.gstatic.com/s/cuprum/v7/gJovVCIsuVHpE7lUT-5TYfesZW2xOQ-xsNqO47m55DA.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9b573ed2c28cccfaa72e2d1ca50b252121763e7aa6fea4152420fcd9c1915a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/templates/theme7/css.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 29 Oct 2019 23:23:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Aug 2014 18:24:54 GMT
Server
sffe
Age
1183872
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
10656
X-XSS-Protection
0
Expires
Wed, 28 Oct 2020 23:23:18 GMT
code.js
top-fwz1.mail.ru/js
16 KB
7 KB
Script
General
Full URL
http://top-fwz1.mail.ru/js/code.js
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
31bb1ba9c97d97ce20d80a4f7513c9c78107313ef437cb462fdcac3fcce43e65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Thu, 24 Oct 2019 07:46:23 GMT
Server
nginx
ETag
W/"5db156cf-3e05"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
max-age=43200, private
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Keep-Alive
timeout=60
tag.js
mc.yandex.ru/metrika
356 KB
91 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
9306de88183d37300a50b617a59441e9d18eb23aa1bb0e0e1d1498f10e4bfe92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Content-Encoding
br
Last-Modified
Thu, 07 Nov 2019 13:09:02 GMT
Server
nginx/1.14.2
ETag
"5dc4176e-16bf0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93168
Expires
Tue, 12 Nov 2019 17:14:30 GMT
arvest-data-leak.aspx;hArvest%20data%20leak;0.924287914219394
counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog
Redirect Chain
  • http://counter.yadro.ru/hit;drs2019f?t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.924287914219394
  • http://counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.924287914219394
104 B
473 B
Image
General
Full URL
http://counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.924287914219394
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
0W/0.8c /
Resource Hash
aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 16:14:30 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
Close
Content-Type
image/gif
Content-Length
104
Expires
Sun, 11 Nov 2018 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 16:14:30 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
http://counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.924287914219394
Cache-control
no-cache
Content-Type
text/html
Content-Length
32
Expires
Sun, 11 Nov 2018 21:00:00 GMT
index.css
/en2_filesss
206 KB
206 KB
Stylesheet
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/index.css
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
4e7bb6566e42c2fdee152a08e86c318168995488c6de03b276829d8623d3fbab

Request headers

Referer
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Thu, 05 Sep 2019 19:10:10 GMT
Server
nginx/1.14.0
ETag
"5d715d92-3376a"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
210794
style.css
/en2_filesss
9 KB
9 KB
Stylesheet
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/style.css
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
342edfefe87e90119e8c0bea35dbad2b074a45af800a0b530f02346def29a352

Request headers

Referer
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Thu, 05 Sep 2019 19:10:10 GMT
Server
nginx/1.14.0
ETag
"5d715d92-237b"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9083
translateelement.css
/en2_filesss
18 KB
19 KB
Stylesheet
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/translateelement.css
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
99b27633e72d0a0efc23402c62b01cc0ec5ff40821cd1a84c89a1ef31773612d

Request headers

Referer
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Thu, 05 Sep 2019 19:10:10 GMT
Server
nginx/1.14.0
ETag
"5d715d92-4924"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18724
logo.svg
/en2_filesss
18 KB
18 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/logo.svg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
e998d2972092300fbd96a50bb8f98aef7ffeb5bad5573951223502fa526e1c04

Request headers

Referer
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Thu, 05 Sep 2019 19:10:10 GMT
Server
nginx/1.14.0
ETag
"5d715d92-4703"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18179
de8d69ad638addff7ca1921102b4ae3c.jpg
/en2_filesss
12 KB
13 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/de8d69ad638addff7ca1921102b4ae3c.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
6fe0721e6988c5c0af7890bd7a93a8a5aca3be0ac40b4ba756a7b872c60c8f9e

Request headers

Referer
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Thu, 05 Sep 2019 19:10:10 GMT
Server
nginx/1.14.0
ETag
"5d715d92-3115"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12565
2474641_b1475157341523.jpg
/en2_filesss
12 KB
13 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/2474641_b1475157341523.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
47926118e488878b043c63393f7cd04c14d7bbcea6a41b0ebdcdf68c9750ae3e

Request headers

Referer
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Thu, 05 Sep 2019 19:10:10 GMT
Server
nginx/1.14.0
ETag
"5d715d92-31ca"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12746
266304.jpg
/en2_filesss
14 KB
15 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/266304.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
2fd12611f50c86cb1bba2b31a62643b35b260ce15784009f936578b6a01f6ef4

Request headers

Referer
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Thu, 05 Sep 2019 19:10:10 GMT
Server
nginx/1.14.0
ETag
"5d715d92-39f0"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14832
i.jpg
/en2_filesss
9 KB
9 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/i.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
8cac518c034914b66edaea2f4e84ff88109369b541203f19f1b673a384f0241f

Request headers

Referer
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Thu, 05 Sep 2019 19:10:10 GMT
Server
nginx/1.14.0
ETag
"5d715d92-2351"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
9041
translate_24dp.png
/en2_filesss
825 B
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/translate_24dp.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Request headers

Referer
http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Thu, 05 Sep 2019 19:10:10 GMT
Server
nginx/1.14.0
ETag
"5d715d92-339"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
825
;_=0.19308797274239442
top-fwz1.mail.ru/counter?js=13;id=3061886;u=http%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;st=1573575270493;title=Arvest%20data%20leak;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=...
43 B
934 B
Other
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3061886;u=http%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;st=1573575270493;title=Arvest%20data%20leak;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=f3db3d90829b1724;ver=60.1.0;tz=-60%2FEurope%2FBerlin;ni=9.9//4g/0/0/;_=0.19308797274239442
Requested by
Host: top-fwz1.mail.ru
URL: http://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
http://hvcep.ybsfdownsee.info
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
http://hvcep.ybsfdownsee.info
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
http://hvcep.ybsfdownsee.info
Keep-Alive
timeout=60
translate_24dp.png
www.gstatic.com/images/branding/product/2x
2 KB
2 KB
Image
General
Full URL
http://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: top-fwz1.mail.ru
URL: http://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://hvcep.ybsfdownsee.info/en2_filesss/translateelement.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 30 Oct 2019 07:27:14 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 22 Oct 2019 18:15:00 GMT
Server
sffe
Age
1154836
Vary
Origin
Content-Type
image/png
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Content-Length
1847
X-XSS-Protection
0
Expires
Thu, 29 Oct 2020 07:27:14 GMT
1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573575269992%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626...
mc.yandex.ru/watch/49643227
Redirect Chain
  • https://mc.yandex.ru/watch/49643227?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573575269992%3As%3A1600x1200x24%3A...
  • https://mc.yandex.ru/watch/49643227/1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573575269992%3As%3A1600x1200x24%...
152 B
709 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49643227/1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573575269992%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20191112171430%3Aet%3A1573575271%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A852071448%3Ahid%3A843400284%3Ads%3A1%2C17%2C191%2C20%2C0%2C0%2C0%2C283%2C0%2C%2C%2C%2C501%3Afp%3A423%3Awn%3A37949%3Ahl%3A2%3Agdpr%3A14%3Av%3A1739%3Awv%3A2%3Ast%3A1573575271%3Au%3A1573575271417669720%3At%3AArvest%20data%20leak
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1b7ac6642e64c03324ab414fc7e5bd14cf56c7c2af9c72302f61cbce1296c019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 16:14:30 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12-Nov-2019 16:14:30 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://hvcep.ybsfdownsee.info
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Tue, 12-Nov-2019 16:14:30 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 16:14:30 GMT
Last-Modified
Tue, 12-Nov-2019 16:14:30 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://hvcep.ybsfdownsee.info
Strict-Transport-Security
max-age=31536000
Location
/watch/49643227/1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573575269992%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20191112171430%3Aet%3A1573575271%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A852071448%3Ahid%3A843400284%3Ads%3A1%2C17%2C191%2C20%2C0%2C0%2C0%2C283%2C0%2C%2C%2C%2C501%3Afp%3A423%3Awn%3A37949%3Ahl%3A2%3Agdpr%3A14%3Av%3A1739%3Awv%3A2%3Ast%3A1573575271%3Au%3A1573575271417669720%3At%3AArvest%20data%20leak
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 12-Nov-2019 16:14:30 GMT
CWB0XYA8bzo0kSThX0UTuA.woff2
fonts.gstatic.com/s/roboto/v16
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v16/CWB0XYA8bzo0kSThX0UTuA.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
db44c6b7985f942465865cfe688770803ab464ec35fb9aefaeccc052e9b74b2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://hvcep.ybsfdownsee.info/en2_filesss/style.css
Origin
http://hvcep.ybsfdownsee.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 03:16:47 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Apr 2017 21:22:19 GMT
server
sffe
age
1083463
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14600
x-xss-protection
0
expires
Fri, 30 Oct 2020 03:16:47 GMT
materialdesignicons-webfont.woff2
/en2_filesss
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/materialdesignicons-webfont.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/en2_filesss/index.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
RxZJdnzeo3R5zSexge8UUVtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/roboto/v16
14 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v16/RxZJdnzeo3R5zSexge8UUVtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
266b4cce701b1c27f1c62a9bd5b6ab64fcf74859400e6fabac2d7e11f96103d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://hvcep.ybsfdownsee.info/en2_filesss/style.css
Origin
http://hvcep.ybsfdownsee.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 01 Nov 2019 16:15:11 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Apr 2017 21:21:20 GMT
server
sffe
age
950359
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14748
x-xss-protection
0
expires
Sat, 31 Oct 2020 16:15:11 GMT
d-6IYplOFocCacKzxwXSOFtXRa8TVwTICgirnJhmVJw.woff2
fonts.gstatic.com/s/roboto/v16
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v16/d-6IYplOFocCacKzxwXSOFtXRa8TVwTICgirnJhmVJw.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
36eea693231e39de5efd21718fea8fc98005b580b264522ffbef360939b8d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
cors
Referer
http://hvcep.ybsfdownsee.info/en2_filesss/style.css
Origin
http://hvcep.ybsfdownsee.info
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 31 Oct 2019 03:18:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 17 Apr 2017 21:22:29 GMT
server
sffe
age
1083354
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
14680
x-xss-protection
0
expires
Fri, 30 Oct 2020 03:18:36 GMT
fontawesome-webfont.woff2
/en2_filesss
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/fontawesome-webfont.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/en2_filesss/index.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
advert.gif
mc.yandex.ru/metrika
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Tue, 12 Nov 2019 17:14:30 GMT
materialdesignicons-webfont.woff
/en2_filesss
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/materialdesignicons-webfont.woff
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/en2_filesss/index.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
fontawesome-webfont.woff
/en2_filesss
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/fontawesome-webfont.woff
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/en2_filesss/index.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
materialdesignicons-webfont.ttf
/en2_filesss
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/materialdesignicons-webfont.ttf
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/en2_filesss/index.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
fontawesome-webfont.ttf
/en2_filesss
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/en2_filesss/fontawesome-webfont.ttf
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/forums2.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/en2_filesss/index.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:14:30 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
load;et=1573575272339
top-fwz1.mail.ru/tracker?js=13;id=3061886;u=http%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;st=1573575270493;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=f3db3d90829b1724;ver=60.1.0...
43 B
842 B
Other
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3061886;u=http%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;st=1573575270493;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=f3db3d90829b1724;ver=60.1.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1573575269992/////0/0/1/1/18//18/209/229/218/501/501/501/2346/2346/;ni=9.9//4g/0/0/;_=0.49414946213628497;e=RT/load;et=1573575272339
Requested by
Host: top-fwz1.mail.ru
URL: http://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Nov 2019 16:14:32 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
http://hvcep.ybsfdownsee.info
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
http://hvcep.ybsfdownsee.info
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
http://hvcep.ybsfdownsee.info
Keep-Alive
timeout=60

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 47
  • http://counter.yadro.ru/hit;drs2019f?t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.924287914219394
  • http://counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.924287914219394
Request 59
  • https://mc.yandex.ru/watch/49643227?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573575269992%3As%3A1600x1200x24%3A...
  • https://mc.yandex.ru/watch/49643227/1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573575269992%3As%3A1600x1200x24%...

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata
object| onpointerrawupdate
function| Chart
object| body
object| _tmr
function| ym
object| Ya
object| yaCounter49643227

7 Cookies

Domain/Path Name / Value
.ybsfdownsee.info/ Name: _ym_isad
Value: 2
.ybsfdownsee.info/ Name: _ym_visorc_49643227
Value: w
.ybsfdownsee.info/ Name: _ym_uid
Value: 1573575271417669720
hvcep.ybsfdownsee.info/ Name: qwerty
Value: 0
.ybsfdownsee.info/ Name: _ym_d
Value: 1573575271
hvcep.ybsfdownsee.info/blog Name: id
Value: 89edd985d3359329274111bfece56ee5
hvcep.ybsfdownsee.info/blog Name: marker
Value: 02288c4444148b522b2786ae24942065da5e579e

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
