tvq.ypupfy.com Open in urlscan Pro
31.220.27.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://refunds-tax.info/
Effective URL:
https://tvq.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wt...
Submission: On February 12 via api (February 12th 2024, 10:37:43 am UTC) from GB — Scanned from GB

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 3 countries across 9 domains to perform 28 HTTP transactions. The main IP is 31.220.27.98, located in Amsterdam, Netherlands and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is tvq.ypupfy.com.
TLS certificate: Issued by R3 on February 5th 2024. Valid for: 3 months.

This is the only time tvq.ypupfy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	91.195.240.123 91.195.240.123	47846 (SEDO-AS) (SEDO-AS)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
2 3	173.239.53.32 173.239.53.32	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	139.177.202.97 139.177.202.97	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	18.156.16.63 18.156.16.63	16509 (AMAZON-02) (AMAZON-02)
10	31.220.27.98 31.220.27.98	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9167:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
10	2606:4700:303... 2606:4700:3034::6815:42b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
28	9

4 91.195.240.123 (Germany) 2 redirects

ASN47846 (SEDO-AS, DE)

refunds-tax.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

img.sedoparking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 173.239.53.32 (United States) 2 redirects

ASN27257 (WEBAIR-INTERNET, US)

xml.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
filter.sedodna.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.177.202.97 (Atlanta, United States) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 139-177-202-97.ip.linodeusercontent.com

4773.katurnan.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.16.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-16-63.eu-central-1.compute.amazonaws.com

track.wwwcheckyourstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.wewearegogogo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 31.220.27.98 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jmx.ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vpb.ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lba.ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sa7.ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiu.ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
irv.ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nj6.ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tvq.ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rmh.ypupfy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9167:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

mdakky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3034::6815:42b7 (United States)

ASN13335 (CLOUDFLARENET, US)

himgta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	himgta.com himgta.com — Cisco Umbrella Rank: 91431	47 KB
10	ypupfy.com ypupfy.com jmx.ypupfy.com vpb.ypupfy.com lba.ypupfy.com sa7.ypupfy.com fiu.ypupfy.com irv.ypupfy.com nj6.ypupfy.com tvq.ypupfy.com rmh.ypupfy.com	560 KB
4	refunds-tax.info 2 redirects refunds-tax.info	3 KB
3	sedodna.com 2 redirects xml.sedodna.com — Cisco Umbrella Rank: 531726 filter.sedodna.com	13 KB
2	katurnan.xyz 1 redirects 4773.katurnan.xyz	2 KB
1	mdakky.com mdakky.com — Cisco Umbrella Rank: 38448	101 B
1	wewearegogogo.com track.wewearegogogo.com	844 B
1	wwwcheckyourstats.com track.wwwcheckyourstats.com	2 KB
1	sedoparking.com img.sedoparking.com — Cisco Umbrella Rank: 61065	5 KB
28	9

	Domain	Requested by
10	himgta.com	ypupfy.com himgta.com jmx.ypupfy.com vpb.ypupfy.com lba.ypupfy.com sa7.ypupfy.com fiu.ypupfy.com irv.ypupfy.com nj6.ypupfy.com tvq.ypupfy.com
4	refunds-tax.info	2 redirects refunds-tax.info
2	4773.katurnan.xyz	1 redirects
2	xml.sedodna.com	2 redirects
1	rmh.ypupfy.com	tvq.ypupfy.com
1	tvq.ypupfy.com	nj6.ypupfy.com
1	nj6.ypupfy.com	irv.ypupfy.com
1	irv.ypupfy.com	fiu.ypupfy.com
1	fiu.ypupfy.com	sa7.ypupfy.com
1	sa7.ypupfy.com	lba.ypupfy.com
1	lba.ypupfy.com	vpb.ypupfy.com
1	vpb.ypupfy.com	jmx.ypupfy.com
1	jmx.ypupfy.com	ypupfy.com
1	mdakky.com	ypupfy.com
1	ypupfy.com	track.wewearegogogo.com
1	track.wewearegogogo.com	track.wwwcheckyourstats.com
1	track.wwwcheckyourstats.com	refunds-tax.info
1	filter.sedodna.com	refunds-tax.info
1	img.sedoparking.com	refunds-tax.info
28	19

This site contains no links.

Subject Issuer	Validity	Valid
track.wwwcheckyourstats.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
track.wewearegogogo.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
ypupfy.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
mdakky.com R3	`2023-12-11` - `2024-03-10`	3 months	crt.sh
himgta.com GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh

This page contains 1 frames:

Frame: https://rmh.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=9
Frame ID: F65532E6A381D5AD71285C85B067A04D
Requests: 47 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bot captcha

Page URL History Show full URLs

http://refunds-tax.info/ Page URL
http://refunds-tax.info/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DXLw%2ANYlo4... HTTP 302
http://refunds-tax.info/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DXLw%2ANYlo4... HTTP 302
http://xml.sedodna.com/click?i=XLw*NYlo4S4_0 HTTP 302
http://filter.sedodna.com/filter?q=refunds+tax&i=XLw*NYlo4S4_0&ci=-4367499374820976422&t=1147794557 Page URL
http://xml.sedodna.com/click2?i=XLw*NYlo4S4_0&ci=-4367499374820976422&j=rv%3Db%26ss%3D1600x1200%26w... HTTP 302
http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0... Page URL
http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0... HTTP 302
https://track.wwwcheckyourstats.com/1071beb2-deab-4611-8e0e-7912b5991da0?target=apix04-refunds-tax.info&category... Page URL
https://track.wewearegogogo.com/redirect?target=BASE64aHR0cHM6Ly95cHVwZnkuY29tL2JvdC1jYXB0Y2hhLTE_aD13YVdRaU... Page URL
https://ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI... Page URL
https://jmx.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI... Page URL
https://vpb.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI... Page URL
https://lba.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI... Page URL
https://sa7.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI... Page URL
https://fiu.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI... Page URL
https://irv.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI... Page URL
https://nj6.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI... Page URL
https://tvq.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI... Page URL

Page Statistics

28
Requests

82 %
HTTPS

25 %
IPv6

9
Domains

19
Subdomains

9
IPs

3
Countries

631 kB
Transfer

1389 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://refunds-tax.info/ Page URL
http://refunds-tax.info/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DXLw%2ANYlo4S4_0&v=NzkzZWFhNmI4ZDU0ODUwNGNjM2M1MjVmM2U1ZDZlNTMJMQlyZWZ1bmRzLXRheC5pbmZvNjVjOWY0ZjIyODc4NjYuODc2NjY4NDcJcmVmdW5kcy10YXguaW5mbzY1YzlmNGYyMjg3YjAwLjk0OTk4NjQzCTE3MDc3MzQyNTkJYWRfNjNfMA%3D%3D&l=OAlkZDQ0MTFjYTM0MmEyZjdmZmIzNjRjYjE2MzQ0MjkzMgkwCTEzCTAJYjEwODFlNmU5YzE0NTY2NDUzYzFhMTY3YzYzNDAxMDQJNTcxMzEwODcyCXJlZnVuZHMtdGF4CTAJNjMJNAkzCTE3MDc3MzQyNTkJMC4wMDE2NzIJTgkwCTAJMAkxMjA1CTU2MDEyMTU0OAkxOTQuNzQuMjEyLjExOQkw HTTP 302
http://refunds-tax.info/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DXLw%2ANYlo4S4_0&v=NzkzZWFhNmI4ZDU0ODUwNGNjM2M1MjVmM2U1ZDZlNTMJMQlyZWZ1bmRzLXRheC5pbmZvNjVjOWY0ZjIyODc4NjYuODc2NjY4NDcJcmVmdW5kcy10YXguaW5mbzY1YzlmNGYyMjg3YjAwLjk0OTk4NjQzCTE3MDc3MzQyNTkJYWRfNjNfMA%3D%3D&l=OAlkZDQ0MTFjYTM0MmEyZjdmZmIzNjRjYjE2MzQ0MjkzMgkwCTEzCTAJYjEwODFlNmU5YzE0NTY2NDUzYzFhMTY3YzYzNDAxMDQJNTcxMzEwODcyCXJlZnVuZHMtdGF4CTAJNjMJNAkzCTE3MDc3MzQyNTkJMC4wMDE2NzIJTgkwCTAJMAkxMjA1CTU2MDEyMTU0OAkxOTQuNzQuMjEyLjExOQkw HTTP 302
http://xml.sedodna.com/click?i=XLw*NYlo4S4_0 HTTP 302
http://filter.sedodna.com/filter?q=refunds+tax&i=XLw*NYlo4S4_0&ci=-4367499374820976422&t=1147794557 Page URL
http://xml.sedodna.com/click2?i=XLw*NYlo4S4_0&ci=-4367499374820976422&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D937%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3Drefunds-tax.info%26lo%3Dfilter.sedodna.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Linux%253B%2BAndroid%2B10%253B%2BSM-A205U%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F109.0.0.0%2BMobile%2BSafari%252F537.36%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26mmd_ao%3D%26mmd_ai%3D%26mmd_vi%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D51%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Ddenied%26cnvs%3D80808080 HTTP 302
http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1/feed Page URL
http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1 HTTP 302
https://track.wwwcheckyourstats.com/1071beb2-deab-4611-8e0e-7912b5991da0?target=apix04-refunds-tax.info&category=&keyword=&sid=253609567&cpv=0.003&clickid=1707734258.728481-253609567-66815 Page URL
https://track.wewearegogogo.com/redirect?target=BASE64aHR0cHM6Ly95cHVwZnkuY29tL2JvdC1jYXB0Y2hhLTE_aD13YVdRaU9qRXdNREEyTkRZc0luTnBaQ0k2TVRNeU5qUTJNeXdpZDJsa0lqbzFNemMyTVRnc0luTnlZeUk2TW4wPWV5SiZjbGlja19pZD13dHRyaTIwNzducDhiaTR2aTkyb2ZpMDgmc2kxPSZzaTI9YXBpeDA0LXJlZnVuZHMtdGF4LmluZm8&ts=1707734260907&hash=WrMGbFsDWUeTKsZ6qcBkeL3PrDwDijuegbdTTaD7b2U&rm=DJ Page URL
https://ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si1=&si2=apix04-refunds-tax.info Page URL
https://jmx.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=1 Page URL
https://vpb.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=2 Page URL
https://lba.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=3 Page URL
https://sa7.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=4 Page URL
https://fiu.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=5 Page URL
https://irv.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=6 Page URL
https://nj6.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=7 Page URL
https://tvq.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=8 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://refunds-tax.info/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DXLw%2ANYlo4S4_0&v=NzkzZWFhNmI4ZDU0ODUwNGNjM2M1MjVmM2U1ZDZlNTMJMQlyZWZ1bmRzLXRheC5pbmZvNjVjOWY0ZjIyODc4NjYuODc2NjY4NDcJcmVmdW5kcy10YXguaW5mbzY1YzlmNGYyMjg3YjAwLjk0OTk4NjQzCTE3MDc3MzQyNTkJYWRfNjNfMA%3D%3D&l=OAlkZDQ0MTFjYTM0MmEyZjdmZmIzNjRjYjE2MzQ0MjkzMgkwCTEzCTAJYjEwODFlNmU5YzE0NTY2NDUzYzFhMTY3YzYzNDAxMDQJNTcxMzEwODcyCXJlZnVuZHMtdGF4CTAJNjMJNAkzCTE3MDc3MzQyNTkJMC4wMDE2NzIJTgkwCTAJMAkxMjA1CTU2MDEyMTU0OAkxOTQuNzQuMjEyLjExOQkw HTTP 302
http://refunds-tax.info/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DXLw%2ANYlo4S4_0&v=NzkzZWFhNmI4ZDU0ODUwNGNjM2M1MjVmM2U1ZDZlNTMJMQlyZWZ1bmRzLXRheC5pbmZvNjVjOWY0ZjIyODc4NjYuODc2NjY4NDcJcmVmdW5kcy10YXguaW5mbzY1YzlmNGYyMjg3YjAwLjk0OTk4NjQzCTE3MDc3MzQyNTkJYWRfNjNfMA%3D%3D&l=OAlkZDQ0MTFjYTM0MmEyZjdmZmIzNjRjYjE2MzQ0MjkzMgkwCTEzCTAJYjEwODFlNmU5YzE0NTY2NDUzYzFhMTY3YzYzNDAxMDQJNTcxMzEwODcyCXJlZnVuZHMtdGF4CTAJNjMJNAkzCTE3MDc3MzQyNTkJMC4wMDE2NzIJTgkwCTAJMAkxMjA1CTU2MDEyMTU0OAkxOTQuNzQuMjEyLjExOQkw HTTP 302
http://xml.sedodna.com/click?i=XLw*NYlo4S4_0 HTTP 302
http://filter.sedodna.com/filter?q=refunds+tax&i=XLw*NYlo4S4_0&ci=-4367499374820976422&t=1147794557

Request Chain 5

http://xml.sedodna.com/click2?i=XLw*NYlo4S4_0&ci=-4367499374820976422&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D937%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv%3Dnull%26sc%3D24%26hr%3D2%26rf%3Drefunds-tax.info%26lo%3Dfilter.sedodna.com%26mb%3D0%26hb%3D1%26pl%3DLinux%2Bx86_64%26ua%3DMozilla%252F5.0%2B%28Linux%253B%2BAndroid%2B10%253B%2BSM-A205U%29%2BAppleWebKit%252F537.36%2B%28KHTML%252C%2Blike%2BGecko%29%2BChrome%252F109.0.0.0%2BMobile%2BSafari%252F537.36%26nd%3D0%26to%3Dnull%26wbd%3D1%26wbde%3D0%26sqm%3D0%26phj%3D0%26nmj%3D0%26sln%3D0%26es%3D0%26ln%3Den-US%252Cen%26lnl%3D2%26hsc%3D1%26frc%3D1%26dbt%3D1%26prb%3D20030107%26tz%3D0%26hid%3D0%26mq%3D1%26bch%3D%26blv%3D%26my%3D%26geo%3D1%26mmd_ao%3D%26mmd_ai%3D%26mmd_vi%3D%26thx%3D0%26the%3D0%26ths%3D0%26cpc%3D%26ocp%3D%26hwc%3D4%26hrl%3D%26acd%3Dpppmp%26vcd%3Dppp%26pal%3D3%26pai%3D1%26pli%3D1%26win%3D1600x1200%26wout%3D1600x1200%26wpof%3D0x0%26bcld%3D1584x18%26scrp%3D0x0%26scrad%3D1600x1200%26spd%3D24%26pxr%3D1%26sck%3D1%26ckl%3D51%26sls%3D1%26sss%3D1%26six%3D1%26sdb%3D0%26vvr%3DIntel%2BInc.%26vrd%3DIntel%2BIris%2BOpenGL%2BEngine%26pnt%3Ddenied%26cnvs%3D80808080 HTTP 302
http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1/feed

Request Chain 6

http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1 HTTP 302
https://track.wwwcheckyourstats.com/1071beb2-deab-4611-8e0e-7912b5991da0?target=apix04-refunds-tax.info&category=&keyword=&sid=253609567&cpv=0.003&clickid=1707734258.728481-253609567-66815

28 HTTP transactions
19 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response refunds-tax.info/	2 KB 2 KB	1289ms 1150ms	Document text/html	91.195.240.123 SEDO-AS
General Check archive.org Show headers Download Go to Full URL http://refunds-tax.info/ Protocol HTTP/1.1 Server 91.195.240.123 , Germany, ASN47846 (SEDO-AS, DE), Reverse DNS Software NginX / PHP/8.1.17 Resource Hash `d1c9549db675df295777fce00ad1da7189893642714f744eda7d6eb0cb40c899` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:39 GMT expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Mon, 12 Feb 2024 10:37:38 GMT pragma no-cache server NginX transfer-encoding chunked vary Accept-Encoding x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_cv4E8Wgo1u8vcg6VPFddvpyVgYB4BWUDZR5K4TCG0agQHqO2+fdIf+eSOzHOSDuJwHR4NNCkUsm4umvCzUOmTA== x-cache-miss-from parking-86bfbc88-f75c9 x-powered-by PHP/8.1.17
GET H/1.1	200 OK	js_preloader.gif img.sedoparking.com/images/	4 KB 5 KB	142ms 88ms	Image image/gif	205.234.175.175 CACHENETWORKS
General Check archive.org Show headers Download Go to Show image Full URL http://img.sedoparking.com/images/js_preloader.gif Requested by Host: refunds-tax.info URL: http://refunds-tax.info/ Protocol HTTP/1.1 Server 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US), Reverse DNS vip1.G-anycast1.cachefly.net Software CFS 0215 / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer http://refunds-tax.info/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Date Mon, 12 Feb 2024 10:37:39 GMT x-cf-tsc 1698786093 X-CF3 H CF4ttl 31536000.000 X-CF1 11696:fB.lon1:cf:cacheN.lon1-01:H X-CF-ReqID 0fead2b8e5c6203cb3eab858090a08db Connection keep-alive Content-Length 4254 X-CF2 H Last-Modified Fri, 15 Mar 2019 12:24:07 GMT Server CFS 0215 X-CFF B Content-Type image/gif Access-Control-Allow-Origin * X-CFHash "90c93102a88c2ab94bff1575b7a6e86e" Cache-Control max-age=604800 CF4Age 923 Accept-Ranges bytes Expires Mon, 19 Feb 2024 10:37:39 GMT
GET H/1.1	200 OK	tsc.php refunds-tax.info/search/	0 199 B	62ms 61ms	XHR text/html	91.195.240.123 SEDO-AS
General Check archive.org Show headers Download Go to Full URL http://refunds-tax.info/search/tsc.php?200=NTcxMzEwODcy&21=MTk0Ljc0LjIxMi4xMTk=&681=MTcwNzczNDI1OWU3MDAwNmVhMzRiNGQxNjUwZjkwYTIzNWY3ZjcxNjNk&crc=99124943137227e74f1ca4a54900274c292c29e0&cv=1 Requested by Host: refunds-tax.info URL: http://refunds-tax.info/ Protocol HTTP/1.1 Server 91.195.240.123 , Germany, ASN47846 (SEDO-AS, DE), Reverse DNS Software NginX / PHP/8.1.17 Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer http://refunds-tax.info/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:39 GMT x-cache-miss-from parking-86bfbc88-jxp87 server NginX x-powered-by PHP/8.1.17 content-length 0 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	filter Show response filter.sedodna.com/ Redirect Chain http://refunds-tax.info/search/redirect.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DXLw%2ANYlo4S4_0&v=NzkzZWFhNmI4ZDU0ODUwNGNjM2M1MjVmM2U1ZDZlNTMJMQlyZWZ1bmRzLXRheC5pbmZvNjVjOWY0ZjIyODc4NjYuOD... http://refunds-tax.info/search/tcerider.php?f=http%3A%2F%2Fxml.sedodna.com%2Fclick%3Fi%3DXLw%2ANYlo4S4_0&v=NzkzZWFhNmI4ZDU0ODUwNGNjM2M1MjVmM2U1ZDZlNTMJMQlyZWZ1bmRzLXRheC5pbmZvNjVjOWY0ZjIyODc4NjYuOD... http://xml.sedodna.com/click?i=XLwNYlo4S4_0 http://filter.sedodna.com/filter?q=refunds+tax&i=XLwNYlo4S4_0&ci=-4367499374820976422&t=1147794557**	13 KB 13 KB	286ms 257ms	Document text/html	173.239.53.32 WEBAIR-INTERNET
General Check archive.org Show headers Download Go to Full URL http://filter.sedodna.com/filter?q=refunds+tax&i=XLwNYlo4S4_0&ci=-4367499374820976422&t=1147794557 Requested by* Host: refunds-tax.info URL: http://refunds-tax.info/ Protocol HTTP/1.1 Server 173.239.53.32 , United States, ASN27257 (WEBAIR-INTERNET, US), Reverse DNS Software / Resource Hash `26342629efb38a64e59fb982130f075526ca6b82b7d57a1602d37eb6d0e3245a` Request headers Referer http://refunds-tax.info/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control no-store Connection keep-alive Content-Length 12881 Content-Type text/html; charset=utf-8 Referrer-Policy unsafe-url Redirect headers Cache-Control no-store Connection keep-alive Content-Length 0 Location http://filter.sedodna.com/filter?q=refunds+tax&i=XLw*NYlo4S4_0&ci=-4367499374820976422&t=1147794557
GET DATA	200 OK	truncated /	68 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1` Request headers accept-language en-GB,en;q=0.9 Referer http://filter.sedodna.com/filter?q=refunds+tax&i=XLwNYlo4S4_0&ci=-4367499374820976422&t=1147794557 User-Agent* Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	feed 4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1/ Redirect Chain http://xml.sedodna.com/click2?i=XLwNYlo4S4_0&ci=-4367499374820976422&j=rv%3Db%26ss%3D1600x1200%26ws%3D1600x1200%26wp%3D0x0%26ce%3D1%26ck%3Djc%26cv%3D937%26cs%3D1%26fr%3D0%26hc%3D0%26fl%3Dnull%26jv... http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1/feed*	3 KB 2 KB	305ms 272ms	Document text/html	139.177.202.97 AKAMAI-LINODE-AP ...
General Check archive.org Show headers Download Go to Full URL http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1/feed Protocol HTTP/1.1 Server 139.177.202.97 Atlanta, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG), Reverse DNS 139-177-202-97.ip.linodeusercontent.com Software nginx/1.14.2 / Resource Hash Request headers Referer http://filter.sedodna.com/filter?q=refunds+tax&i=XLwNYlo4S4_0&ci=-4367499374820976422&t=1147794557 Upgrade-Insecure-Requests* 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html date Mon, 12 Feb 2024 10:37:40 GMT server nginx/1.14.2 transfer-encoding chunked Redirect headers Cache-Control no-store Connection keep-alive Content-Length 0 Location http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1/feed
GET H2	200	1071beb2-deab-4611-8e0e-7912b5991da0 Show response track.wwwcheckyourstats.com/ Redirect Chain http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1 https://track.wwwcheckyourstats.com/1071beb2-deab-4611-8e0e-7912b5991da0?target=apix04-refunds-tax.info&category=&keyword=&sid=253609567&cpv=0.003&clickid=1707734258.728481-253609567-66815	1 KB 2 KB	234ms 59ms	Document text/html	18.156.16.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.wwwcheckyourstats.com/1071beb2-deab-4611-8e0e-7912b5991da0?target=apix04-refunds-tax.info&category=&keyword=&sid=253609567&cpv=0.003&clickid=1707734258.728481-253609567-66815 Requested by Host: refunds-tax.info URL: http://refunds-tax.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.16.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-16-63.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash `d82c31d346e1d258a8e2629f276a32cbe5bb915b826a45e0a82d19881287afdf` Request headers Referer http://4773.katurnan.xyz/match-4773/66815/253609567/1707734258/mf_e58c2964-31f6-4acc-9c26-846da3e14a0e/YXBpeDA0LXJlZnVuZHMtdGF4LmluZm98MTcwNzczNDI1OC43Mjg0ODEtMjUzNjA5NTY3LTY2ODE1/feed Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers cache-control no-store, no-cache, pre-check=0, post-check=0 content-type text/html;charset=UTF-8 date Mon, 12 Feb 2024 10:37:40 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server nginx Redirect headers date Mon, 12 Feb 2024 10:37:40 GMT location https://track.wwwcheckyourstats.com/1071beb2-deab-4611-8e0e-7912b5991da0?target=apix04-refunds-tax.info&category=&keyword=&sid=253609567&cpv=0.003&clickid=1707734258.728481-253609567-66815 server nginx/1.14.2 transfer-encoding chunked
GET H2	200	redirect track.wewearegogogo.com/	678 B 844 B	210ms 61ms	Document text/html	18.156.16.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.wewearegogogo.com/redirect?target=BASE64aHR0cHM6Ly95cHVwZnkuY29tL2JvdC1jYXB0Y2hhLTE_aD13YVdRaU9qRXdNREEyTkRZc0luTnBaQ0k2TVRNeU5qUTJNeXdpZDJsa0lqbzFNemMyTVRnc0luTnlZeUk2TW4wPWV5SiZjbGlja19pZD13dHRyaTIwNzducDhiaTR2aTkyb2ZpMDgmc2kxPSZzaTI9YXBpeDA0LXJlZnVuZHMtdGF4LmluZm8&ts=1707734260907&hash=WrMGbFsDWUeTKsZ6qcBkeL3PrDwDijuegbdTTaD7b2U&rm=DJ Requested by Host: track.wwwcheckyourstats.com URL: https://track.wwwcheckyourstats.com/1071beb2-deab-4611-8e0e-7912b5991da0?target=apix04-refunds-tax.info&category=&keyword=&sid=253609567&cpv=0.003&clickid=1707734258.728481-253609567-66815 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.156.16.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-16-63.eu-central-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers cache-control no-store, no-cache, pre-check=0, post-check=0 content-type text/html;charset=UTF-8 date Mon, 12 Feb 2024 10:37:41 GMT expires Thu, 01 Jan 1970 00:00:00 GMT pragma no-cache server nginx
GET H2	200	bot-captcha-1 Show response ypupfy.com/	91 KB 62 KB	188ms 50ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si1=&si2=apix04-refunds-tax.info Requested by Host: track.wewearegogogo.com URL: https://track.wewearegogogo.com/redirect?target=BASE64aHR0cHM6Ly95cHVwZnkuY29tL2JvdC1jYXB0Y2hhLTE_aD13YVdRaU9qRXdNREEyTkRZc0luTnBaQ0k2TVRNeU5qUTJNeXdpZDJsa0lqbzFNemMyTVRnc0luTnlZeUk2TW4wPWV5SiZjbGlja19pZD13dHRyaTIwNzducDhiaTR2aTkyb2ZpMDgmc2kxPSZzaTI9YXBpeDA0LXJlZnVuZHMtdGF4LmluZm8&ts=1707734260907&hash=WrMGbFsDWUeTKsZ6qcBkeL3PrDwDijuegbdTTaD7b2U&rm=DJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash `bb2aa0a22918fb1e249df47a333d436e0f91f3570579040a142249db41628430` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:41 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu4
GET DATA	200 OK	truncated /	45 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	rpe mdakky.com/	0 101 B	349ms 147ms	XHR text/plain	2a02:b4a:1:7::9167:1 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://mdakky.com/rpe?a=1&s=1&act=17&src=2&p=1000646&st=1326463&wd=537618&d=ypupfy.com&tpl=30&rnd=0.8876272783618591&sbid=&sbid2=apix04-refunds-tax.info Requested by Host: ypupfy.com URL: https://ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si1=&si2=apix04-refunds-tax.info Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 2a02:b4a:1:7::9167:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.18.0 / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer https://ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers access-control-allow-origin * date Mon, 12 Feb 2024 10:37:41 GMT accept-ch Sec-CH-UA-Platform-Version server nginx/1.18.0 content-length 0
GET H2	200	sdk.js Show response himgta.com/v1/	13 KB 5 KB	184ms 58ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kxIjoiIiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8ifQ==eyJwaWQ Requested by Host: ypupfy.com URL: https://ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si1=&si2=apix04-refunds-tax.info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5a2b79a1e65a6f7e26eea4e234b63a320d1a482d3b1e5183c722059267a695b6` Request headers accept-language en-GB,en;q=0.9 Referer https://ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:41 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"PT1h66mDhFAYN303Tn5VJW5xYZw" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ioshU%2BMmWETOnSwOifY9aoNLq4AkDsMLm4zRqsDWVERFfXhByFU6wF3jvWQOxrzU6efN7%2FuvgdsuU%2F61oESpmkIJMiHIeym0T%2B1FL3vaJeBqYddNsq6gpWJLC4P%2BIYhAm0%2BD2ujkVPjv"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control public, max-age=14400 x-zone eu cf-ray 8544329eea49dc6b-LHR alt-svc h3=":443"; ma=86400
GET H2	200	fp.js Show response himgta.com/	1 KB 873 B	54ms 51ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/fp.js?d=ypupfy.com Requested by Host: himgta.com URL: https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kxIjoiIiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8ifQ==eyJwaWQ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `29fc040c5b5c3cfc2f9612d262abe7fdcb55cd4d6c4d3d938587a5b896e980e3` Request headers accept-language en-GB,en;q=0.9 Referer https://ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:41 GMT content-encoding br cf-cache-status EXPIRED last-modified Mon, 12 Feb 2024 10:37:37 GMT max-age 0 server cloudflare nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDiLJyb4qi7%2BOUdIgQzfxyxF%2Fc7aCyaIQirYyubzrITLX6oe7KMwKqO2wvGivcdOAf%2BUgP6rMmVeG5eGK9H6TuyeHfc1kbkt6hXwQDRlA6gllZiolo58jVIY3LtDOE4cyPaI4CC%2Fwk1o"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control max-age=14400 x-zone eu cf-ray 8544329f6b07dc6b-LHR alt-svc h3=":443"; ma=86400
GET H2	200	bot-captcha-1 Show response jmx.ypupfy.com/	91 KB 62 KB	58ms 38ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://jmx.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=1 Requested by Host: ypupfy.com URL: https://ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si1=&si2=apix04-refunds-tax.info Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash `a103e8aa7ec89eb90aff0f43721d719e88e7ea2a5ec7dde55f82a812cee3a902` Request headers Referer https://ypupfy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:41 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu4
GET DATA	200 OK	truncated /	45 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET H3	200	sdk.js Show response himgta.com/v1/	13 KB 5 KB	66ms 66ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8iLCJpIjoiMSJ9eyJwaWQ Requested by Host: jmx.ypupfy.com URL: https://jmx.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `02e933f7e0f0e73e96f96e61b5b3c0ea8404fb2d5f58734f646509f84e2eabc0` Request headers accept-language en-GB,en;q=0.9 Referer https://jmx.ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:41 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"bwydYIzkWkoqAhyEKFSOrj10pC0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuQo8Ssvf8DQm67l%2BQE09rK57TUND1Qvsu92ozvJfpGakM11volmPA4BAo5XKV8an%2Bt7bM%2FJwOGeUjEVajVcRt43ALeiKIhLX7FNYBnXAUtxbGA1NUPWTjE72L0C7uk6Gg0IKry2K1fq"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control public, max-age=14400 x-zone eu cf-ray 854432a088e14185-LHR alt-svc h3=":443"; ma=86400
GET H2	200	bot-captcha-1 Show response vpb.ypupfy.com/	91 KB 62 KB	60ms 42ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://vpb.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=2 Requested by Host: jmx.ypupfy.com URL: https://jmx.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash `34337382d7063dc5e59dcdcf6d43c49a0a4c5e501ebfb291ac5357aa3c9ba6b8` Request headers Referer https://jmx.ypupfy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:42 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu
GET DATA	200 OK	truncated /	45 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET H3	200	sdk.js Show response himgta.com/v1/	13 KB 5 KB	51ms 51ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8iLCJpIjoiMiJ9eyJwaWQ Requested by Host: vpb.ypupfy.com URL: https://vpb.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8ac9f3799b221a4a810960acdc2122b6e27ef867a80a46dda2aa0a5b0642b19a` Request headers accept-language en-GB,en;q=0.9 Referer https://vpb.ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:42 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6XUo4EsR3hDBqvEajSvPZX7ysV8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZroPZk5Gj2gV%2BPFhh2EpT1QzQBe26sWY7sFNcbO5JSvOYXCEZFXe00NyaRxd4vbCrt0ayxt%2FmGsPC7st9HxdWZiEsfAjGiRwVPEfWRGCjerUB2dFgtTPYRpS8iIem1noRjYqG4u4V0s"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control public, max-age=14400 x-zone eu cf-ray 854432a27c144185-LHR alt-svc h3=":443"; ma=86400
GET H2	200	bot-captcha-1 Show response lba.ypupfy.com/	91 KB 62 KB	58ms 40ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://lba.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=3 Requested by Host: vpb.ypupfy.com URL: https://vpb.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash `c331c1773bdc4afd30a59b85d3c0c98a32e87b107036a8784a5c661c7d77aa1d` Request headers Referer https://vpb.ypupfy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:42 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu3
GET DATA	200 OK	truncated /	45 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET H3	200	sdk.js Show response himgta.com/v1/	13 KB 5 KB	52ms 51ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8iLCJpIjoiMyJ9eyJwaWQ Requested by Host: lba.ypupfy.com URL: https://lba.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=3 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f9fe69df31448098ba731f081248b27e211b04d740eba217dbeae365a87fe74c` Request headers accept-language en-GB,en;q=0.9 Referer https://lba.ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:42 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"sPCByt3E5uqa0N/lFqdbxRDutiw" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOqI3pSQ9eXn2IX3NMOOyXl0TGTwYl07IwzoOplz0QFjWP7KZzp8uy71tJ2n1RbnKtmkxgtt0skA3M9TYTjoHXqdN%2BOPmhrrYnOPfMuqKYtSMGOAvhAlZIx09FFbTjqs%2FjschjqeJymY"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control public, max-age=14400 x-zone eu cf-ray 854432a39d704185-LHR alt-svc h3=":443"; ma=86400
GET H2	200	bot-captcha-1 Show response sa7.ypupfy.com/	91 KB 62 KB	72ms 39ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://sa7.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=4 Requested by Host: lba.ypupfy.com URL: https://lba.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash `b6d3f57251f3efbf969d83fed235f1e959f72f067db5924bf305ac286d573f78` Request headers Referer https://lba.ypupfy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:42 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu4
GET H3	200	sdk.js Show response himgta.com/v1/	13 KB 5 KB	54ms 53ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8iLCJpIjoiNCJ9eyJwaWQ Requested by Host: sa7.ypupfy.com URL: https://sa7.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=4 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `956470d2d77cadf57e8e79836b5dbc7500e86113fafb0517f7b964be33e46df8` Request headers accept-language en-GB,en;q=0.9 Referer https://sa7.ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:42 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"rA8Looanuqk4le3k7N/LqfC5d38" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgfeucDZRCfgtJ10%2Bhye9zYc6HNg%2Bio1lCveKkbka%2BgDTVnG77PtvyufQ1%2FwN4IXvvwW55YmP0rkqxny1XrZCX4rYE8GdrtqhZqACdszoMtJvGDgFLU%2F9OfjFH3Qn1Q1snrOlOGxFxEe"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control public, max-age=14400 x-zone eu cf-ray 854432a4ff144185-LHR alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	45 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	bot-captcha-1 Show response fiu.ypupfy.com/	91 KB 62 KB	65ms 40ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://fiu.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=5 Requested by Host: sa7.ypupfy.com URL: https://sa7.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=4 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash `8972eb2bf29c3e559ef13584e0e3842f093686d6c7114fb2cd7b1cf53061400b` Request headers Referer https://sa7.ypupfy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:42 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu4
GET H3	200	sdk.js Show response himgta.com/v1/	13 KB 5 KB	51ms 51ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8iLCJpIjoiNSJ9eyJwaWQ Requested by Host: fiu.ypupfy.com URL: https://fiu.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=5 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `2b4696f70379e3b8581fb02b2afc2f4aaabe07662834e04f8196633285ac2ff8` Request headers accept-language en-GB,en;q=0.9 Referer https://fiu.ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:42 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"DsE4z+zBvEBYKYFIbKKmJfzHN8g" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7inOCNuERp0D2azUM%2FISGZzJ2JzvyCaMD38l09qcqWJf5eJPQTXJabBRaPyKEbWHkkzGd3EIA%2FzqgZatjaH7%2BTz8%2B4%2B86l88%2BkE3zG7l9L29Jlzi1DBDzRr6rwhGrwuBiheeX9s8qPM"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control public, max-age=14400 x-zone eu cf-ray 854432a648b64185-LHR alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	45 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	bot-captcha-1 Show response irv.ypupfy.com/	91 KB 62 KB	58ms 38ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://irv.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=6 Requested by Host: fiu.ypupfy.com URL: https://fiu.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash `4fe5454151f34bc41555773a9e680fa1bfd36f4f97bf08b0ffa6700785d85787` Request headers Referer https://fiu.ypupfy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:42 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu4
GET DATA	200 OK	truncated /	45 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET H3	200	sdk.js Show response himgta.com/v1/	13 KB 5 KB	277ms 277ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8iLCJpIjoiNiJ9eyJwaWQ Requested by Host: irv.ypupfy.com URL: https://irv.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=6 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `68900e43f7ccfd81986f970aa64e40b9f013fab91c700cbd287fbb173bbda9f6` Request headers accept-language en-GB,en;q=0.9 Referer https://irv.ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:43 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"DpjpVJdiF+182sUo3FsA8KU3C7k" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XMNPw76zNmbhhJuk7YhLWeux9%2FEkqzFhJnxwW9rHcyHQRk0XWG3GjChcmXHHc3gPvxzLnwqN4qmh7JtdT1s8kDSDq9vVG8MPacNCFJPDOf3hObpmu0psilMPUjpJtv8uxnObwi%2BBHie"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control public, max-age=14400 x-zone eu cf-ray 854432a9ace94185-LHR alt-svc h3=":443"; ma=86400
GET H2	200	bot-captcha-1 Show response nj6.ypupfy.com/	91 KB 62 KB	59ms 37ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://nj6.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=7 Requested by Host: irv.ypupfy.com URL: https://irv.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash `9da317000b032e70581f3719d134dc1587d1e159c7a7605319972c1814e34be4` Request headers Referer https://irv.ypupfy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:43 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu4
GET H3	200	sdk.js Show response himgta.com/v1/	13 KB 5 KB	55ms 55ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8iLCJpIjoiNyJ9eyJwaWQ Requested by Host: nj6.ypupfy.com URL: https://nj6.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=7 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `035ca56fe7d1c98dee4316b7b13c8c5c2902029da8cf8fc7ca89bd8a6b797493` Request headers accept-language en-GB,en;q=0.9 Referer https://nj6.ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:43 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"NEqTPlf4S8uVvlECiJCHtdRgquQ" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROm%2FyANvXYg3W7aYGhjk14mg5Ha5aMFW55%2Foimy7lgrNc8KXRFbWQE3LGb4sFU7lKF%2B42caB5WYb127eUl32%2Fq%2Bm%2BRBMU7P56tFWkKQD7lZxB7Rs22XakD7PsmqveLjr5AvdIdGPBVuI"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control public, max-age=14400 x-zone eu cf-ray 854432aace284185-LHR alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	45 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET H2	200	Primary Request bot-captcha-1 Show response tvq.ypupfy.com/	91 KB 62 KB	59ms 37ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://tvq.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=8 Requested by Host: nj6.ypupfy.com URL: https://nj6.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash `14cb9b8d7eb82a2d19d1f2dd1163dc12237014dfcc644490225091de01aab5ff` Request headers Referer https://nj6.ypupfy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:43 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu3
GET DATA	200 OK	truncated /	45 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	2 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3` Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers Content-Type image/jpeg
GET H3	200	sdk.js Show response himgta.com/v1/	13 KB 5 KB	62ms 62ms	Script application/javascript	2606:4700:3034::6815:42b7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://himgta.com/v1/sdk.js?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6MiwicG0iOjJ9eyJ&d=ypupfy.com&tpl=30&pbd=iOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsImNsaWNrX2lkIjoid3R0cmkyMDc3bnA4Ymk0dmk5Mm9maTA4Iiwic2kyIjoiYXBpeDA0LXJlZnVuZHMtdGF4LmluZm8iLCJpIjoiOCJ9eyJwaWQ Requested by Host: tvq.ypupfy.com URL: https://tvq.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=8 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:42b7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1898b18ebf6687aba6ddc11e00f42d77200b718852bed80a7565fd0310ab9c8e` Request headers accept-language en-GB,en;q=0.9 Referer https://tvq.ypupfy.com/ User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 Response headers date Mon, 12 Feb 2024 10:37:43 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"uVZoGlt9/8GMsGkYi0FaeNUj6x8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMwTgrXoq7V7lg%2BjPvjuh8c0a81o6C2M2xymWY%2BWYfjkWwm2k9DSIRacXCPnLHx9ixH8St%2FcxGea17Z3bvdbwdNzf1TQsXs7oSkAHk0muhmDCBkagIRVPVFJtM%2BR%2B2Ws2HbZuaPnzdu8"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 access-control-allow-origin https://ypupfy.com cache-control public, max-age=14400 x-zone eu cf-ray 854432abf8014185-LHR alt-svc h3=":443"; ma=86400
GET H2	200	bot-captcha-1 rmh.ypupfy.com/	0 0	55ms 37ms	Document text/html	31.220.27.98 ADVANCEDHOSTERS-AS
General Check archive.org Show headers Download Go to Full URL https://rmh.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=9 Requested by Host: tvq.ypupfy.com URL: https://tvq.ypupfy.com/bot-captcha-1?h=waWQiOjEwMDA2NDYsInNpZCI6MTMyNjQ2Mywid2lkIjo1Mzc2MTgsInNyYyI6Mn0=eyJ&click_id=wttri2077np8bi4vi92ofi08&si2=apix04-refunds-tax.info&i=8 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 31.220.27.98 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL), Reverse DNS Software nginx/1.25.0 / Resource Hash Request headers Referer https://tvq.ypupfy.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 10:37:43 GMT server nginx/1.25.0 vary Accept-Encoding x-zone eu4

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| edPushSDK

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sedodna.com/	1969-12-31 23:59:59	Name: x3332491 Value: 338451599
filter.sedodna.com/	1969-12-31 23:59:59	Name: c-1582540361 Value: -338451599
filter.sedodna.com/	1969-12-31 23:59:59	Name: jc Value: 937
.track.wwwcheckyourstats.com/	1970-01-20 18:23:40	Name: 1071beb2-deab-4611-8e0e-7912b5991da0-v4 Value: tMornlx2xoWb3C-aVd_VdnAxE5DbIp0rqNG2XrbwB_E
.track.wwwcheckyourstats.com/	1970-01-21 03:07:50	Name: cc-v4 Value: XT3DMEFeVrsY1kB0kS7g14dRwvWV889hZSv0Vg6%2FDXbzqs03BCwsWCHn6V%2BfYaztZdppw47No7w6kRqO9Rsii61LxZptAWruiM7XFWe1cQBImF8Exv7gTHiivtyH5wMIRlKLgZmYIhXFbZ8VZ%2FT4bw%3D%3D
.ypupfy.com/	1970-01-20 18:23:40	Name: truniq Value: 1
.ypupfy.com/	1970-01-20 18:32:19	Name: ufp2 Value: 06a2374044fda0527782ed497a0d1e529e12477f
.ypupfy.com/	1970-01-21 03:07:50	Name: prompt Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4773.katurnan.xyz
filter.sedodna.com
fiu.ypupfy.com
himgta.com
img.sedoparking.com
irv.ypupfy.com
jmx.ypupfy.com
lba.ypupfy.com
mdakky.com
nj6.ypupfy.com
refunds-tax.info
rmh.ypupfy.com
sa7.ypupfy.com
track.wewearegogogo.com
track.wwwcheckyourstats.com
tvq.ypupfy.com
vpb.ypupfy.com
xml.sedodna.com
ypupfy.com
139.177.202.97
173.239.53.32
18.156.16.63
205.234.175.175
2606:4700:3034::6815:42b7
2a02:b4a:1:7::9167:1
31.220.27.98
91.195.240.123
02e933f7e0f0e73e96f96e61b5b3c0ea8404fb2d5f58734f646509f84e2eabc0
035ca56fe7d1c98dee4316b7b13c8c5c2902029da8cf8fc7ca89bd8a6b797493
14cb9b8d7eb82a2d19d1f2dd1163dc12237014dfcc644490225091de01aab5ff
1898b18ebf6687aba6ddc11e00f42d77200b718852bed80a7565fd0310ab9c8e
26342629efb38a64e59fb982130f075526ca6b82b7d57a1602d37eb6d0e3245a
29fc040c5b5c3cfc2f9612d262abe7fdcb55cd4d6c4d3d938587a5b896e980e3
2b4696f70379e3b8581fb02b2afc2f4aaabe07662834e04f8196633285ac2ff8
34337382d7063dc5e59dcdcf6d43c49a0a4c5e501ebfb291ac5357aa3c9ba6b8
4fe5454151f34bc41555773a9e680fa1bfd36f4f97bf08b0ffa6700785d85787
5a2b79a1e65a6f7e26eea4e234b63a320d1a482d3b1e5183c722059267a695b6
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
68900e43f7ccfd81986f970aa64e40b9f013fab91c700cbd287fbb173bbda9f6
8972eb2bf29c3e559ef13584e0e3842f093686d6c7114fb2cd7b1cf53061400b
8ac9f3799b221a4a810960acdc2122b6e27ef867a80a46dda2aa0a5b0642b19a
942975400f4dba33ae453b5d2da7cb55a58f3cbcdd5182fd11bca092542968a5
956470d2d77cadf57e8e79836b5dbc7500e86113fafb0517f7b964be33e46df8
9da317000b032e70581f3719d134dc1587d1e159c7a7605319972c1814e34be4
a103e8aa7ec89eb90aff0f43721d719e88e7ea2a5ec7dde55f82a812cee3a902
b6d3f57251f3efbf969d83fed235f1e959f72f067db5924bf305ac286d573f78
bb2aa0a22918fb1e249df47a333d436e0f91f3570579040a142249db41628430
c331c1773bdc4afd30a59b85d3c0c98a32e87b107036a8784a5c661c7d77aa1d
d1c9549db675df295777fce00ad1da7189893642714f744eda7d6eb0cb40c899
d82c31d346e1d258a8e2629f276a32cbe5bb915b826a45e0a82d19881287afdf
e87849dd13972aa35e307b9589b873f6c5a126d9773f846aa758b28aa9ac4fc3
f9fe69df31448098ba731f081248b27e211b04d740eba217dbeae365a87fe74c

tvq.ypupfy.com Open in urlscan Pro 31.220.27.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

28 Requests

82 %HTTPS

25 %IPv6

9 Domains

19 Subdomains

9 IPs

3 Countries

631 kBTransfer

1389 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 19 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tvq.ypupfy.com Open in urlscan Pro
31.220.27.98 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

82 %
HTTPS

25 %
IPv6

9
Domains

19
Subdomains

9
IPs

3
Countries

631 kB
Transfer

1389 kB
Size

8
Cookies

28 HTTP transactions
19 data transactions