URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Submission: On November 12 via manual from US

Summary

This website contacted 8 IPs in 5 countries across 8 domains to perform 71 HTTP transactions.
The main IP is 185.244.217.73, located in Dronten, Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, UA. The main domain is hvcep.ybsfdownsee.info.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 100/100)

  • urlscan - Score: 100
    phishing
    Phishing against Tech Support Scam (Consumer)

Domain & IP information

IP Address AS Autonomous System
46 185.244.217.73 204601 (ON-LINE-D...)
1 104.155.200.82 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
14 217.182.203.50 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
3 217.69.133.145 47764 (MAILRU-AS...)
1 4 2a02:6b8::1:119 13238 (YANDEX)
1 2 88.212.201.204 39134 (UNITEDNET)
71 8
Domain Subdomains Transfer
46 ybsfdownsee.info 326 KB
14 pokemongo-go.ru 419 KB
4 yandex.ru 94 KB
3 mail.ru 9 KB
2 yadro.ru 1011 B
2 gstatic.com 28 KB
1 webgringo.ru 14 KB
1 gogofinder.com.tw 182 KB
71 8
Domain Requested by
46 hvcep.ybsfdownsee.info hvcep.ybsfdownsee.info
14 pokemongo-go.ru hvcep.ybsfdownsee.info
4 mc.yandex.ru 1 redirects hvcep.ybsfdownsee.info
3 top-fwz1.mail.ru hvcep.ybsfdownsee.info
top-fwz1.mail.ru
2 counter.yadro.ru 1 redirects hvcep.ybsfdownsee.info
2 fonts.gstatic.com hvcep.ybsfdownsee.info
1 webgringo.ru hvcep.ybsfdownsee.info
1 www.gogofinder.com.tw hvcep.ybsfdownsee.info
71 8

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject / Issuer Validity Valid
mc.yandex.ru / Yandex CA 2019-09-23 - 2020-09-22 a year
*.mail.ru / GlobalSign Organization Validation CA - SHA256 - G2 2019-01-18 - 2021-01-18 2 years


Detected technologies

Web
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Web
Overall confidence: 100%
Detected patterns
  • url /\.aspx?(?:$|\?)/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 50%
Detected patterns
  • url /\.aspx?(?:$|\?)/i


71 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set arvest-data-leak.aspx
/blog
37 KB
38 KB
Document
General
Full URL
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 / PHP/7.1.22
Resource Hash
b4388497d2a732b021df4699e50856bbfc149237706b519c01a646ea90090676

Request headers

Host
hvcep.ybsfdownsee.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.14.0
Date
Tue, 12 Nov 2019 16:01:24 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.1.22
Set-Cookie
marker=7bd4a46e723daf4984e19242818c0135f1aa9db6; expires=Sat, 11-Jan-2020 16:01:24 GMT; Max-Age=5184000; path=.aspx
id=9ab04aeabfcb22bf74628b5f823a3af1; expires=Sat, 11-Jan-2020 16:01:24 GMT; Max-Age=5184000; path=.aspx
qwerty=0; expires=Tue, 12-Nov-2019 17:01:24 GMT; Max-Age=3600; path=/
css.css
/templates/theme7
2 KB
2 KB
Stylesheet
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/css.css
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
597a5c80aad846e7f8c58618db309856ad1007124399b9d53c7535f550250e9d

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-851"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2129
00ba95c9f5889579c42449c9bf698229.css
/templates/theme7
21 KB
21 KB
Stylesheet
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
d5680d59080f80143ab3b553aac4c1bccf542ebdcba9b23d8585678b6e0ffbe1

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-5397"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21399
pokemon-russia.png
/templates/theme7
28 KB
29 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-russia.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
50c8e0ec0aa0df594be47cfe4f9df6996960dee8df18eed18543f775aa5520a5

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-71e0"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29152
pikachu.gif
/templates/theme7
25 KB
25 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pikachu.gif
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
e054e41f454ae020be13f213a4b76f2441d65de61cdf9fd25ea721a6bdb4ab32

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-62f5"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25333
pokemongo-vk.png
/templates/theme7
930 B
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-vk.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
8c7402b25cd775c2a97afa98fb9096afafda07b858ff6bd17917039764c05bee

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-3a2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
930
pokemongo-facebook.png
/templates/theme7
777 B
1015 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-facebook.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
a3581bfec3de5b95af9d538899eebbd7030c0378bee2b6389bd5aaa86361f803

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-309"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
777
pokemongo-twitter.png
/templates/theme7
822 B
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-twitter.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
6eec744deec67c7e4a8dfdcff71f88485c10dcfc7085f539bfe8e7383e8d70af

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-336"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
822
pokemongo-instagram.png
/templates/theme7
2 KB
2 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-instagram.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
fb33b0369ddb01a73cafa41bd0e17b08528977a16cd41cf0a4bbd100c5d269df

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-61c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1564
pokemongo-google-plus.png
/templates/theme7
870 B
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-google-plus.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
b2968fbf3502e7c99c31936da119e5e1d0f5c92e9b07f281957802efdf29843b

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-366"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
870
pokemongo-rss.png
/templates/theme7
1 KB
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemongo-rss.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
43e8bb7493f32f620c2da7c83c5cab1d1a21342366e8465eec84139b881ac14c

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-427"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1063
pokemon-smartphone.png
/templates/theme7
52 KB
52 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-smartphone.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
349d145a4a5e3adea6457a4c8c26385192ce242dded0f09267848dd1f74c6434

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-ce0c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
52748
views.png
/templates/theme7
141 B
378 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/views.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
13a848ce06543b52c8f733911f5dba000c83e279538bb66b670dc38ab36870dc

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:16 GMT
Server
nginx/1.14.0
ETag
"5d386d58-8d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
141
1372214534wXRLwg6b.jpg
www.gogofinder.com.tw/books/pida/1/s
181 KB
182 KB
Image
General
Full URL
http://www.gogofinder.com.tw/books/pida/1/s/1372214534wXRLwg6b.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
104.155.200.82 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
82.200.155.104.bc.googleusercontent.com
Software
Apache /
Resource Hash
77f457750504ca1b9c40bb84762cff84f8a84f31245b8ddd661dcb231bb7a794
Security Headers
Name Value
Strict-Transport-Security max-age=631138519; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 26 Jun 2013 02:40:20 GMT
Server
Apache
ETag
"34f535f-2d591-4e005910f4d00"
Strict-Transport-Security
max-age=631138519; includeSubDomains
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
185745
x-xss-protection
1; mode=block
vk.png
/templates/theme7
213 B
450 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/vk.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
d2411fa1e7f6d6ab9ad16e976402f8ddc58e6454cfc31f80f42475aef2c5daaa

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-d5"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
213
fb.png
/templates/theme7
198 B
435 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/fb.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
1977e06ea4c903abe171c97aa488c3acf6c9d7c84660b668728e04bf9c7bbb9e

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-c6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
198
tw.png
/templates/theme7
305 B
543 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/tw.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
ebb4153e1522fdd1fd2a602d40a75a17eb2461298adb755afa45423ed55ce223

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-131"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
305
mm.png
/templates/theme7
312 B
550 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/mm.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
21cd8ae20dab28500a9f8123943f37ba2cccf2b04c5c5338ace45dd13f3a7b9d

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-138"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
312
od.png
/templates/theme7
284 B
522 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/od.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
93ab01bd4b9756501f309fd16be25a299b61c4c81a3204031fe319105890bc7e

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-11c"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
284
brght.png
/templates/theme7
1 KB
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/brght.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
0bbb11fc9f19e93ace2c4779595f631f89c51b74eacba2dea6ce1cee5cab1571

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-4da"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1242
bleft.png
/templates/theme7
1 KB
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/bleft.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
166e008b231c0d454bb4c7ce017740a51776808f9a4d799be78951386d83bd74

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-4fc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1276
pokemon-go-lap-220x140.jpg
/templates/theme7
10 KB
10 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-lap-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
c3e45cc1995a51ab6b234700d1911f5b6cd65e12cc837c8e251c5ba759035811

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-27fc"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10236
pokemon-go-domen-220x140.jpg
/templates/theme7
12 KB
12 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-domen-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
45aab5ed90ee99efb1e5841c63104ba9cfcc365320ce976e6f01e058eb30bbee

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-2eb6"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11958
pokemon-go-vyletaet-ekran-220x140.jpg
/templates/theme7
8 KB
8 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-vyletaet-ekran-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
d2261a88cc06cb20c7cf90efe6dc912a97d0c44842a2fe1c3f2ee0ddf47d5b6d

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-20b3"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8371
143.png
/templates/theme7
9 KB
9 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/143.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
87f1f192b584ae14c223aa13d95601c7b451895ffa814274dfc2b60c6780b87e

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-22c7"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8903
pokemon-go-cp-kalkulator-220x140.jpg
/templates/theme7
9 KB
9 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-cp-kalkulator-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
4ff693b6d136978bcc3a7bad9ac0497ae693b138d5594435cfd6a80a38ef5ae3

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-2248"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8776
pokemon-go-komandy-220x140.jpg
/templates/theme7
8 KB
8 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/templates/theme7/pokemon-go-komandy-220x140.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
43f5e482c1abe5b5f81619dd5adf432ed015b8124b1b838dab5ae424ea8ce45b

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Wed, 24 Jul 2019 14:38:14 GMT
Server
nginx/1.14.0
ETag
"5d386d56-20bf"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8383
code.js?d=gjtdu5deomstemzzgq&public=1&ref=&title=Arvest%20data%20leak
webgringo.ru
84 KB
14 KB
Script
General
Full URL
http://webgringo.ru/code.js?d=gjtdu5deomstemzzgq&public=1&ref=&title=Arvest%20data%20leak
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3b29 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / PHP/5.4.45-0+deb7u14
Resource Hash
19d3432349ff0c7b5b3956f4eaa3ea7c14da73581bd6e5dd761823039f8b9e58

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
X-Powered-By
PHP/5.4.45-0+deb7u14
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
CF-RAY
5349b971c9bfcbac-VIE
bg.jpg
pokemongo-go.ru/img
954 B
1 KB
Image
General
Full URL
http://pokemongo-go.ru/img/bg.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
53ccbc3b24d5bbf9a78e130fad7046c5cf0941ec9a7753d8b0f570451bf46282

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-3ba"
Content-Type
image/jpeg
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
954
head.png
pokemongo-go.ru/img
97 KB
97 KB
Image
General
Full URL
http://pokemongo-go.ru/img/head.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
0e3eccb30a69416eed735e3080da56626e068eb8b32e264bb7737ced8e4c94c6

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-1822c"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
98860
enframes.php?key=arvest+data+leak
25 KB
25 KB
Document
General
Full URL
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 / PHP/7.1.22
Resource Hash
fc44dcae8290075bd5e7e55d2283f2d4fb75417d08325788e35fe5e4d6f99d6a

Request headers

Host
hvcep.ybsfdownsee.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Accept-Encoding
gzip, deflate
Cookie
qwerty=0

Response headers

Server
nginx/1.14.0
Date
Tue, 12 Nov 2019 16:01:24 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.1.22
mlug.png
pokemongo-go.ru/img
103 B
357 B
Image
General
Full URL
http://pokemongo-go.ru/img/mlug.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
1c330d2a04c208e4a814de540c8f7046e8add00ede7cbce8b5945d8514e6aa19

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-67"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
103
slusov.png
pokemongo-go.ru/img
116 B
370 B
Image
General
Full URL
http://pokemongo-go.ru/img/slusov.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
d04af9f5dbd68913a3f6b38b9b19b4e0df101324cc96af9978fc87a963bb4ec7

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-74"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
116
strela.png
pokemongo-go.ru/img
88 B
341 B
Image
General
Full URL
http://pokemongo-go.ru/img/strela.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
1e2c1bf6583cacc524c6fcaea6dcdb8308ae20c20b2b0e031ce5c4beba21b0ef

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-58"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
88
men2sep.png
pokemongo-go.ru/img
124 B
378 B
Image
General
Full URL
http://pokemongo-go.ru/img/men2sep.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
bc413dcdd5261a8f4fa5695fcac94913fb504dce4fea7f13f44b42a02799d2a0

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-7c"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
124
mlug2.png
pokemongo-go.ru/img
100 B
354 B
Image
General
Full URL
http://pokemongo-go.ru/img/mlug2.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
eb817d4d75b3396319463cdb7fa54d904ca145bfb14647e6314db7520db44164

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-64"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100
cit.png
pokemongo-go.ru/img
89 B
342 B
Image
General
Full URL
http://pokemongo-go.ru/img/cit.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
84425d9b7ff008939ad0298fc0ee2a816bc7a4ade7ee5cd13187327bae663445

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-59"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
89
bul.png
pokemongo-go.ru/img
87 B
340 B
Image
General
Full URL
http://pokemongo-go.ru/img/bul.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
190bc32e894a450fccbd49195e2e69072a2972a99b7125be78992cf22b6c2a0f

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-57"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87
metki.jpg
pokemongo-go.ru/img
389 B
645 B
Image
General
Full URL
http://pokemongo-go.ru/img/metki.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
14f483dc2a8f5537d297f7eaad2466fc96f0201cb9fe0057e6c3ebb2f687d274

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-185"
Content-Type
image/jpeg
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
389
pokeball.png
pokemongo-go.ru/img
17 KB
17 KB
Image
General
Full URL
http://pokemongo-go.ru/img/pokeball.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
efce01381b060f96c55182d98c9f07219f075a2b9f2bbf1819929d08f78e81e4

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-447a"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17530
bgrandom.jpg
pokemongo-go.ru/img
3 KB
3 KB
Image
General
Full URL
http://pokemongo-go.ru/img/bgrandom.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
10b968a89dca2181a89a67768501169d3ea623a38ee34ef2c51002521e786cd9

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Mon, 18 Jul 2016 03:15:37 GMT
Server
nginx
ETag
"578c49d9-cc1"
Content-Type
image/jpeg
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3265
arrow.png
pokemongo-go.ru/img
1 KB
1 KB
Image
General
Full URL
http://pokemongo-go.ru/img/arrow.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
9f88c0f2c1952525d0f476c45d99df76f930dc17943b42c93a19f0a4bb0ffee7

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Mon, 18 Jul 2016 12:30:43 GMT
Server
nginx
ETag
"578ccbf3-42c"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1068
footerp.png
pokemongo-go.ru/img
296 KB
296 KB
Image
General
Full URL
http://pokemongo-go.ru/img/footerp.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.182.203.50 , Poland, ASN16276 (OVH, FR),
Reverse DNS
ns3080373.ip-217-182-203.eu
Software
nginx /
Resource Hash
04f94fdfbbf2a2cb0b258b49c35e4253188182b3ed45016c95724da6a37ac0dc

Request headers

Referer
http://hvcep.ybsfdownsee.info/templates/theme7/00ba95c9f5889579c42449c9bf698229.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Fri, 15 Jul 2016 22:15:50 GMT
Server
nginx
ETag
"57896096-49f0c"
Content-Type
image/png
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
302860
rZj40-VH1f1Wt0yg6Fkbcw.woff2
fonts.gstatic.com/s/cuprum/v7
17 KB
17 KB
Font
General
Full URL
http://fonts.gstatic.com/s/cuprum/v7/rZj40-VH1f1Wt0yg6Fkbcw.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
c92cd6f29e0a977a447bf4dbda2d1ccf31e15c055ef965eddc4c8f2c88768f71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/templates/theme7/css.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Thu, 31 Oct 2019 07:18:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Aug 2014 18:20:43 GMT
Server
sffe
Age
1068147
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
16936
X-XSS-Protection
0
Expires
Fri, 30 Oct 2020 07:18:57 GMT
gJovVCIsuVHpE7lUT-5TYfesZW2xOQ-xsNqO47m55DA.woff2
fonts.gstatic.com/s/cuprum/v7
10 KB
11 KB
Font
General
Full URL
http://fonts.gstatic.com/s/cuprum/v7/gJovVCIsuVHpE7lUT-5TYfesZW2xOQ-xsNqO47m55DA.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9b573ed2c28cccfaa72e2d1ca50b252121763e7aa6fea4152420fcd9c1915a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/templates/theme7/css.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 29 Oct 2019 23:23:18 GMT
X-Content-Type-Options
nosniff
Last-Modified
Thu, 28 Aug 2014 18:24:54 GMT
Server
sffe
Age
1183086
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
10656
X-XSS-Protection
0
Expires
Wed, 28 Oct 2020 23:23:18 GMT
code.js
top-fwz1.mail.ru/js
16 KB
7 KB
Script
General
Full URL
http://top-fwz1.mail.ru/js/code.js
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
31bb1ba9c97d97ce20d80a4f7513c9c78107313ef437cb462fdcac3fcce43e65
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Thu, 24 Oct 2019 07:46:23 GMT
Server
nginx
ETag
W/"5db156cf-3e05"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
max-age=43200, private
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
*
Keep-Alive
timeout=60
tag.js
mc.yandex.ru/metrika
356 KB
91 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
9306de88183d37300a50b617a59441e9d18eb23aa1bb0e0e1d1498f10e4bfe92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Content-Encoding
br
Last-Modified
Thu, 07 Nov 2019 13:09:02 GMT
Server
nginx/1.14.2
ETag
"5dc4176e-16bf0"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
93168
Expires
Tue, 12 Nov 2019 17:01:25 GMT
arvest-data-leak.aspx;hArvest%20data%20leak;0.6866684069896647
counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog
Redirect Chain
  • http://counter.yadro.ru/hit;drs2019f?t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.6866684069896647
  • http://counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.6866684069896647
104 B
473 B
Image
General
Full URL
http://counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.6866684069896647
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
0W/0.8c /
Resource Hash
aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 16:01:25 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
Close
Content-Type
image/gif
Content-Length
104
Expires
Sun, 11 Nov 2018 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 16:01:25 GMT
Server
0W/0.8c
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
http://counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.6866684069896647
Cache-control
no-cache
Content-Type
text/html
Content-Length
32
Expires
Sun, 11 Nov 2018 21:00:00 GMT
qa-styles.css
/enframes_files
21 KB
22 KB
Stylesheet
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/qa-styles.css
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
e7aa3d6514493b0b52f3f6062eca647ad6066686dd1dcfcb4cf30a4a13868116

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:02 GMT
Server
nginx/1.14.0
ETag
"5dad9dc2-558a"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21898
question2answer-qa-logo-white-454x40.png
/enframes_files
13 KB
13 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/question2answer-qa-logo-white-454x40.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
5ded4a46691b3ee6cb10d3608ca01655a42a8089633814786ed9c18fe8f73bef

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:01 GMT
Server
nginx/1.14.0
ETag
"5dad9dc1-3208"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12808
a_004.jpg
/enframes_files
1 KB
2 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/a_004.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
22a0fed477e50ebcf6af81af036d1d1d999018325918bda640ebee4f1ec96a32

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:01 GMT
Server
nginx/1.14.0
ETag
"5dad9dc1-53d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1341
a.jpg
/enframes_files
2 KB
2 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/a.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
80e226581b4c2e041a231f5238dc4b7fc0d37c8f23280846ffd8cc2b68e4ef91

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:01 GMT
Server
nginx/1.14.0
ETag
"5dad9dc1-6e8"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1768
a_003.jpg
/enframes_files
898 B
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/a_003.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
a308fb231f0a076ec1f9ce2360c5cce26b32bff58b5d5ad0e18ca8637759a4c2

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:01 GMT
Server
nginx/1.14.0
ETag
"5dad9dc1-382"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
898
a_007.jpg
/enframes_files
1 KB
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/a_007.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
da6a6b2a37e2db6dc4b49e511ae137de19a0a71ed3050dee31b40ff434deedba

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:24 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:02 GMT
Server
nginx/1.14.0
ETag
"5dad9dc2-441"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1089
a_009.jpg
/enframes_files
1 KB
1 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/a_009.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
d5913bd83f482ad3def1daaa20a8e0a3e0c18aa4ca1925f67aea09c1979d5d83

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:02 GMT
Server
nginx/1.14.0
ETag
"5dad9dc2-480"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1152
a_008.jpg
/enframes_files
2 KB
2 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/a_008.jpg
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
5d2b370c042781a480988bc519c97b872c97b871c26ae330fa02084121dc36aa

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:02 GMT
Server
nginx/1.14.0
ETag
"5dad9dc2-6bb"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1723
ubuntu-bold.woff2
/template_files
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/template_files/ubuntu-bold.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
vote-buttons.png
/enframes_files
2 KB
2 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/vote-buttons.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
2e97f7b91246f0871c53cd4439838dbc4fc869051b8091409ec4df672f05b2f5

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes_files/qa-styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:01 GMT
Server
nginx/1.14.0
ETag
"5dad9dc1-74d"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1869
ubuntu-regular.woff2
/template_files
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/template_files/ubuntu-regular.woff2
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
answer-white.png
/enframes_files
3 KB
3 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/answer-white.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
a90fe747bc217c49315c23c1c332bb255d3c5fd46ec85b0218b5f85bbbf6bd0c

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes_files/qa-styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:01 GMT
Server
nginx/1.14.0
ETag
"5dad9dc1-b33"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2867
comment-white.png
/enframes_files
3 KB
3 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/comment-white.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
eb69d9e0cb830e3add604e60faf8f784835e5f1ba28bb38850ba19784f30911d

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes_files/qa-styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:02 GMT
Server
nginx/1.14.0
ETag
"5dad9dc2-b5a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2906
link-white.png
/enframes_files
3 KB
3 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/link-white.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
dc0267e17f3bd3a2977910d47c34855d4c282e97502e6e1b0d3eb44b8b231405

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes_files/qa-styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:02 GMT
Server
nginx/1.14.0
ETag
"5dad9dc2-bd2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3026
comment.png
/enframes_files
190 B
427 B
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/comment.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
9afd202c3c8cdda6e0e07fba05f02e6d804b81c336c2b128168c2532eac62792

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes_files/qa-styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:02 GMT
Server
nginx/1.14.0
ETag
"5dad9dc2-be"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
190
search-icon-white.png
/enframes_files
1 KB
2 KB
Image
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/search-icon-white.png
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
075c15c5e5b127cfd89b352a4f8e8d615d0abcc80977022ba45ad2032d26f535

Request headers

Referer
http://hvcep.ybsfdownsee.info/enframes_files/qa-styles.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:01 GMT
Server
nginx/1.14.0
ETag
"5dad9dc1-584"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1412
fontello.woff
/enframes_files
7 KB
7 KB
Font
General
Full URL
http://hvcep.ybsfdownsee.info/enframes_files/fontello.woff
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash
c7aca9ebef12465aad206aae5351ba575eebe4b5e3f0fb1d99f4f92f1c4f396d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/enframes_files/qa-styles.css
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Mon, 21 Oct 2019 12:00:02 GMT
Server
nginx/1.14.0
ETag
"1c20-5956a6c78323e"
Content-Type
application/font-woff
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7200
;_=0.8977735351173322
top-fwz1.mail.ru/counter?js=13;id=3061886;u=http%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;st=1573574484915;title=Arvest%20data%20leak;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=...
43 B
934 B
Other
General
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=3061886;u=http%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;st=1573574484915;title=Arvest%20data%20leak;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=6c10499dc89839a0;ver=60.1.0;tz=-60%2FEurope%2FBerlin;ni=10//4g/0/0/;_=0.8977735351173322
Requested by
Host: top-fwz1.mail.ru
URL: http://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
http://hvcep.ybsfdownsee.info
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
http://hvcep.ybsfdownsee.info
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
http://hvcep.ybsfdownsee.info
Keep-Alive
timeout=60
ubuntu-regular.woff
/template_files
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/template_files/ubuntu-regular.woff
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
ubuntu-bold.woff
/template_files
0
0
Font
General
Full URL
http://hvcep.ybsfdownsee.info/template_files/ubuntu-bold.woff
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Protocol
HTTP/1.1
Server
185.244.217.73 Dronten, Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, UA),
Reverse DNS
ds353863.had.su
Software
nginx/1.14.0 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://hvcep.ybsfdownsee.info/enframes.php?key=arvest+data+leak
Origin
http://hvcep.ybsfdownsee.info

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Server
nginx/1.14.0
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=iso-8859-1
1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573574484211%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626...
mc.yandex.ru/watch/49643227
Redirect Chain
  • https://mc.yandex.ru/watch/49643227?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573574484211%3As%3A1600x1200x24%3A...
  • https://mc.yandex.ru/watch/49643227/1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573574484211%3As%3A1600x1200x24%...
152 B
709 B
XHR
General
Full URL
https://mc.yandex.ru/watch/49643227/1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573574484211%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20191112170125%3Aet%3A1573574485%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A38105012%3Ahid%3A221324010%3Ads%3A1%2C13%2C391%2C72%2C0%2C0%2C0%2C294%2C0%2C%2C%2C%2C704%3Afp%3A722%3Awn%3A7403%3Ahl%3A2%3Agdpr%3A14%3Av%3A1739%3Awv%3A2%3Ast%3A1573574485%3Au%3A1573574485710862199%3At%3AArvest%20data%20leak
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
1b7ac6642e64c03324ab414fc7e5bd14cf56c7c2af9c72302f61cbce1296c019
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 16:01:25 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 12-Nov-2019 16:01:25 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://hvcep.ybsfdownsee.info
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Tue, 12-Nov-2019 16:01:25 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 12 Nov 2019 16:01:25 GMT
Last-Modified
Tue, 12-Nov-2019 16:01:25 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://hvcep.ybsfdownsee.info
Strict-Transport-Security
max-age=31536000
Location
/watch/49643227/1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573574484211%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A60%3Ai%3A20191112170125%3Aet%3A1573574485%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A38105012%3Ahid%3A221324010%3Ads%3A1%2C13%2C391%2C72%2C0%2C0%2C0%2C294%2C0%2C%2C%2C%2C704%3Afp%3A722%3Awn%3A7403%3Ahl%3A2%3Agdpr%3A14%3Av%3A1739%3Awv%3A2%3Ast%3A1573574485%3Au%3A1573574485710862199%3At%3AArvest%20data%20leak
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Tue, 12-Nov-2019 16:01:25 GMT
advert.gif
mc.yandex.ru/metrika
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: hvcep.ybsfdownsee.info
URL: http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 12 Nov 2019 16:01:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Tue, 12 Nov 2019 17:01:25 GMT
load;et=1573574486713
top-fwz1.mail.ru/tracker?js=13;id=3061886;u=http%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;st=1573574484915;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=6c10499dc89839a0;ver=60.1.0...
43 B
842 B
Other
General
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=3061886;u=http%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;st=1573574484915;s=1600*1200;vp=1600*1200;touch=0;hds=1;flash=;sid=6c10499dc89839a0;ver=60.1.0;tz=-60%2FEurope%2FBerlin;nt=0/0/1573574484211/////0/2/3/3/16//17/408/480/410/704/704/704/2502/2502/;ni=10//4g/0/0/;_=0.31839612335334344;e=RT/load;et=1573574486713
Requested by
Host: top-fwz1.mail.ru
URL: http://top-fwz1.mail.ru/js/code.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
http://hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 12 Nov 2019 16:01:26 GMT
X-Content-Type-Options
nosniff
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Content-Length
43
Pragma
no-cache
AMP-Access-Control-Allow-Source-Origin
http://hvcep.ybsfdownsee.info
Server
nginx
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
http://hvcep.ybsfdownsee.info
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-control
private, no-cache, no-store, max-age=0
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
http://hvcep.ybsfdownsee.info
Keep-Alive
timeout=60

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 47
  • http://counter.yadro.ru/hit;drs2019f?t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.6866684069896647
  • http://counter.yadro.ru/hit;drs2019f?q;t45.6;r;s1600*1200*24;uhttp%3A//hvcep.ybsfdownsee.info/blog/arvest-data-leak.aspx;hArvest%20data%20leak;0.6866684069896647
Request 68
  • https://mc.yandex.ru/watch/49643227?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573574484211%3As%3A1600x1200x24%3A...
  • https://mc.yandex.ru/watch/49643227/1?wmode=7&page-url=http%3A%2F%2Fhvcep.ybsfdownsee.info%2Fblog%2Farvest-data-leak.aspx&charset=utf-8&browser-info=ti%3A10%3Ans%3A1573574484211%3As%3A1600x1200x24%...

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan - Score: 100

Categories:
phishing

Tags:
phishing

Phishing against: Tech Support Scam (Consumer)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| Chart
  • object| body
  • object| _tmr
  • function| ym
  • object| Ya
  • object| yaCounter49643227

4 Cookies

Domain/Path Name / Value
.ybsfdownsee.info/ Name: _ym_visorc_49643227
Value: w
.ybsfdownsee.info/ Name: _ym_isad
Value: 2
.ybsfdownsee.info/ Name: _ym_d
Value: 1573574485
.ybsfdownsee.info/ Name: _ym_uid
Value: 1573574485710862199

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
