sy0.tax Open in urlscan Pro
107.148.54.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://sy0.tax/
Effective URL:
https://sy0.tax/app.php?tg=
Submission: On September 08 via api (September 8th 2023, 9:07:28 am UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 16 HTTP transactions. The main IP is 107.148.54.31, located in United States and belongs to PEG-HK, US. The main domain is sy0.tax.
TLS certificate: Issued by R3 on September 6th 2023. Valid for: 3 months.

This is the only time sy0.tax was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
3	107.148.54.31 107.148.54.31		398478 (PEG-HK) (PEG-HK)
1	59.110.190.43 59.110.190.43		37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
11	52.222.239.26 52.222.239.26		16509 (AMAZON-02) (AMAZON-02)
1	107.148.51.230 107.148.51.230		398478 (PEG-HK) (PEG-HK)
16	5

3 107.148.54.31 (United States)

ASN398478 (PEG-HK, US)

sy0.tax	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 59.110.190.43 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

989989.oss-cn-beijing.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.222.239.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-26.fra56.r.cloudfront.net

4ytwebs.s3-accelerate.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.148.51.230 (United States)

ASN398478 (PEG-HK, US)
PTR: hsstmg17.yarkua.com

4yt04.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	amazonaws.com 4ytwebs.s3-accelerate.amazonaws.com	330 KB
3	sy0.tax sy0.tax	7 KB
1	4yt04.com 4yt04.com	225 B
1	aliyuncs.com 989989.oss-cn-beijing.aliyuncs.com
16	4

	Domain	Requested by
11	4ytwebs.s3-accelerate.amazonaws.com	sy0.tax
3	sy0.tax	sy0.tax
1	4yt04.com	4ytwebs.s3-accelerate.amazonaws.com
1	989989.oss-cn-beijing.aliyuncs.com	sy0.tax
16	4

This site contains links to these domains. Also see Links.

Domain
4yt04.com

Subject Issuer	Validity	Valid
sy0.rip R3	`2023-09-06` - `2023-12-05`	3 months	crt.sh
*.oss-cn-beijing.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-07-07` - `2024-03-18`	8 months	crt.sh
*.s3-accelerate.amazonaws.com Amazon RSA 2048 M01	`2023-07-17` - `2024-03-17`	8 months	crt.sh
4yt.app R3	`2023-08-30` - `2023-11-28`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://sy0.tax/app.php?tg=
Frame ID: 2670850C0010DF326D3AB44DDED5EFDF
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

四月天APP下载

Page URL History Show full URLs

https://sy0.tax/ Page URL
https://sy0.tax/app.php?tg= Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

338 kB
Transfer

350 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://4yt04.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://sy0.tax/ Page URL
https://sy0.tax/app.php?tg= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
sy0.tax/ 7 KB
3 KB 920ms
287ms Document
text/html 107.148.54.31
PEG-HK

General

Check archive.org

Show headers Download Go to

Full URL

https://sy0.tax/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

107.148.54.31 , United States, ASN398478 (PEG-HK, US),

Reverse DNS

Software

nginx /

Resource Hash

d1f70a0400d394bf3252f3055166587607387c11dc88a9aec928467c9f21656e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 09:07:20 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 jquery.base64.js Show response
sy0.tax/js/ 3 KB
1 KB 282ms
281ms Script
application/javascript 107.148.54.31
PEG-HK

General

Check archive.org

Show headers Download Go to

Full URL

https://sy0.tax/js/jquery.base64.js

Requested by

Host: sy0.tax
URL: https://sy0.tax/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

107.148.54.31 , United States, ASN398478 (PEG-HK, US),

Reverse DNS

Software

nginx /

Resource Hash

b536cbadf594e8466203a532e8711270276ae76c5c5e468a6f3dabd273db0332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 09:07:20 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 04 Sep 2023 11:20:05 GMT
server: nginx
etag: W/"64f5bd65-b69"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Fri, 08 Sep 2023 21:07:20 GMT

GET
H/1.1 403
Forbidden jquery.min.js
989989.oss-cn-beijing.aliyuncs.com/wx/js/ 0
0 785ms
265ms Script
application/xml 59.110.190.43
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://989989.oss-cn-beijing.aliyuncs.com/wx/js/jquery.min.js
Requested by: Host: sy0.tax
URL: https://sy0.tax/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.43 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sy0.tax/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET
H2 200 Primary Request app.php Show response
sy0.tax/ 6 KB
2 KB 286ms
286ms Document
text/html 107.148.54.31
PEG-HK

General

Check archive.org

Show headers Download Go to

Full URL

https://sy0.tax/app.php?tg=

Requested by

Host: sy0.tax
URL: https://sy0.tax/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

107.148.54.31 , United States, ASN398478 (PEG-HK, US),

Reverse DNS

Software

nginx /

Resource Hash

7267fcb06f56b6c9e9ff14072e23040631e6da6088f3f4b622cb07ee0b6bd239

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://sy0.tax/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Sep 2023 09:07:21 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H/1.1 200
OK jquery-2.2.4.min.js Show response
4ytwebs.s3-accelerate.amazonaws.com/downs/js/ 84 KB
84 KB 813ms
720ms Script
application/javascript 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/js/jquery-2.2.4.min.js
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:23 GMT
Via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amz-request-id: 29RH3JMEWB1SGSJG
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 85578
x-amz-id-2: 4xA3Yu/qCQ2NkQ8nlv3INAcQIpYBgTWS7R6+T4lOPsTVIoSDPLMKGHuFdXSK9aFmFxY6fIR0QPM=
Last-Modified: Mon, 04 Sep 2023 21:57:29 GMT
Server: AmazonS3
ETag: "2f6b11a7e914718e0290410e85366fe9"
Content-Type: application/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: 1mqlGp9I3ODdM6R9x-2INOnbnWvHxVXCrFtaaSbwRknzg9HSECxWMQ==
x-amz-meta-s3b-last-modified: 20230904T112005Z

GET
H/1.1 200
OK logo.png
4ytwebs.s3-accelerate.amazonaws.com/downs/img/ 4 KB
4 KB 792ms
699ms Image
image/png 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/img/logo.png
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 542f11ea3b826aac14e35f0630836d0eddd6e1bf21eec353d01d90d7c08e9125

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:23 GMT
Via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
x-amz-request-id: 29RGG54B6HRQQVSH
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 542f11ea3b826aac14e35f0630836d0eddd6e1bf21eec353d01d90d7c08e9125
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 3792
x-amz-id-2: 3aPr0um0O/GyccWaoNynsWPJSNQnBBrentI2D073eyaYrmjmoO5RJH7+kOyFJ5xPIgN/c7sfH+c=
Last-Modified: Mon, 04 Sep 2023 21:57:34 GMT
Server: AmazonS3
ETag: "611adbb19f760690cf4983bff5d08d89"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: o0hzeKGsZPvAy0VCHskbXAE_D3czjHVEAnVoY90MOtVQ6r1oOqdGwA==
x-amz-meta-s3b-last-modified: 20230902T115544Z

GET
H/1.1 200
OK txt_right.png
4ytwebs.s3-accelerate.amazonaws.com/downs/img/ 9 KB
10 KB 682ms
224ms Image
image/png 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/img/txt_right.png
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 82c6ef0e5d13b11a6ba844a127b877265675d7a23e001ab0f39c30cdced2ab4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:24 GMT
Via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-request-id: KEW4DDTYWGWD2DA2
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 82c6ef0e5d13b11a6ba844a127b877265675d7a23e001ab0f39c30cdced2ab4b
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 9399
x-amz-id-2: XC1ON6Cv70EAF0t98nk5Hfk98GGP92T7sX47RGXeJecpQ/rg3kYaG3vX1pOfVkWONvPtwAwI47Q=
Last-Modified: Mon, 04 Sep 2023 21:57:34 GMT
Server: AmazonS3
ETag: "8bc2dc8c4ccbb2e76ec2fa8c574aeb62"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: _uWkvEF1zpqu3YQrPGbeZtspv87jyccLJiQ6lWaRgooNOHZyQx7HDQ==
x-amz-meta-s3b-last-modified: 20230902T115544Z

GET
H/1.1 200
OK txt_left.png
4ytwebs.s3-accelerate.amazonaws.com/downs/img/ 6 KB
7 KB 774ms
693ms Image
image/png 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/img/txt_left.png
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd57e9c9d04c80f54bb2327ee82817e970a51e9ed62181898973b6db0a379aac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:24 GMT
Via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-request-id: KEW6K7TNY9P2MVRD
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: dd57e9c9d04c80f54bb2327ee82817e970a51e9ed62181898973b6db0a379aac
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 6653
x-amz-id-2: Fb4kgZRJr+eAHsUGd/Ow/0p38029gnHLoyUaxUOO/5PCyvqD+RF4U9qQuBYiNtaunTyN7SHpens=
Last-Modified: Mon, 04 Sep 2023 21:57:34 GMT
Server: AmazonS3
ETag: "c1e4fe9be9e793fd62bd3722957552bc"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: unP25cjfDhm217vD3cOhtHHKxrqlcVkjo7SSyBk3PjMXoo7U-CUIzg==
x-amz-meta-s3b-last-modified: 20230902T115544Z

GET
H/1.1 200
OK btn_down2.png
4ytwebs.s3-accelerate.amazonaws.com/downs/img/ 5 KB
5 KB 795ms
718ms Image
image/png 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/img/btn_down2.png
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae23e86958221c0736bbec77f855f34f448000e30e0867151589c48dcd426caf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:24 GMT
Via: 1.1 a823be133adad65df6d3bf471a742792.cloudfront.net (CloudFront)
x-amz-request-id: KEWES13723NG2AWF
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: ae23e86958221c0736bbec77f855f34f448000e30e0867151589c48dcd426caf
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 4821
x-amz-id-2: qKIJwbgfwf2aSshZCkyPqMrZVDBclCfYO7PdmCxNmcfnoh0NHQgBij3pCNKTQwhlJS73+PllmJ4=
Last-Modified: Mon, 04 Sep 2023 21:57:34 GMT
Server: AmazonS3
ETag: "d2f02bba503965685fdad7d9f990b249"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: 8B4Tv7IyjJC3kDVHs2L4Kzwb2da_gLYdFj0J669jp8C4-9y588QAXQ==
x-amz-meta-s3b-last-modified: 20230904T171430Z

GET
H/1.1 200
OK fingerprint2.min.js Show response
4ytwebs.s3-accelerate.amazonaws.com/downs/js/ 29 KB
29 KB 697ms
697ms Script
application/javascript 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/js/fingerprint2.min.js
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b74c53b83275539f5180de251e4746b8626971a9d6929def61a8fe4bc2ad29a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:24 GMT
Via: 1.1 387adc951beb5181d840dfb5d1f09488.cloudfront.net (CloudFront)
x-amz-request-id: KEWEY1ZKJ026C9QF
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: b74c53b83275539f5180de251e4746b8626971a9d6929def61a8fe4bc2ad29a0
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 29248
x-amz-id-2: ZoB8Dvp3TLkLM795tRfQjX+eoEKlRRTF1Jk0AWxmCDoS7PXEyes9QvevHznuNnjE7WoaAzGoI8w=
Last-Modified: Mon, 04 Sep 2023 21:57:29 GMT
Server: AmazonS3
ETag: "d6a31f759302530640783cd6d5f0830f"
Content-Type: application/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: w13Lbo0opMtSd36p-tmfQA1M1kVTjNgXKWL9P7Hws93TcPRm7aO8EA==
x-amz-meta-s3b-last-modified: 20230731T082828Z

GET
H/1.1 200
OK download.js Show response
4ytwebs.s3-accelerate.amazonaws.com/downs/js/ 15 KB
16 KB 216ms
215ms Script
application/javascript 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/js/download.js
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da5e0c847067d550409747d03f92a2cdf5fc3682f6f447e53f4213c2cb0ee62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:24 GMT
Via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amz-request-id: KEW5QN0R5BJF8EG9
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: da5e0c847067d550409747d03f92a2cdf5fc3682f6f447e53f4213c2cb0ee62f
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 15287
x-amz-id-2: 3+Q71xwVzxeS46VHzsdD2SrH+/WE0kJTIMTpt6aN+iI1xCGpBdFqih6XIaGDfqLBIyTtUPq9SBM=
Last-Modified: Mon, 04 Sep 2023 21:57:29 GMT
Server: AmazonS3
ETag: "63b19380ffa9f571c94f6dbb432bac2b"
Content-Type: application/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: AE6tYUyrp1VFu9SgyUROR28QUkdP_03L0Wcv8Wgg4dl4O-80r7J0ww==
x-amz-meta-s3b-last-modified: 20230731T082828Z

GET
H/1.1 200
OK swiper.min.js Show response
4ytwebs.s3-accelerate.amazonaws.com/downs/js/ 94 KB
95 KB 332ms
250ms Script
application/javascript 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/js/swiper.min.js
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3a74ade399aad09f216a28b22b223bc817e7f5d21d4e0e0017fff92ef5d89e64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:24 GMT
Via: 1.1 88f858f045c3909fad9cebbada511aee.cloudfront.net (CloudFront)
x-amz-request-id: KEW1M4MX974HDG0V
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 3a74ade399aad09f216a28b22b223bc817e7f5d21d4e0e0017fff92ef5d89e64
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 96071
x-amz-id-2: jS3Qhlz7vnaK472h/Lmhw24YgzisSrx2Fts2XeYpxLLYdcXqyQTdByG97e9zctXYnoCB7zQlwZY=
Last-Modified: Mon, 04 Sep 2023 21:57:30 GMT
Server: AmazonS3
ETag: "b96515ae167c2ea78d21331e85bce74d"
Content-Type: application/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: qJIuAs_P82XhP90Jea7jBI7z4PIJuphqh63_kLSfkep7YgTvGFBoBA==
x-amz-meta-s3b-last-modified: 20230731T082828Z

GET
H/1.1 200
OK clipboard.min.js Show response
4ytwebs.s3-accelerate.amazonaws.com/downs/js/ 10 KB
11 KB 432ms
218ms Script
application/javascript 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/js/clipboard.min.js
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c751a74fa44ae281a9385bf6b7cdfdd7158b0c8630c04d58fbf24d74fc795bfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:24 GMT
Via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amz-request-id: KEW5MT7N057K603S
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: c751a74fa44ae281a9385bf6b7cdfdd7158b0c8630c04d58fbf24d74fc795bfc
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 10645
x-amz-id-2: gWdokp4JPY+f86k5Ay+a1s93U2Q9EOuiuhmXn1ZUPNIYMDotm9it7tXXLYmB9BXN1V1qic+mTsc=
Last-Modified: Mon, 04 Sep 2023 21:57:29 GMT
Server: AmazonS3
ETag: "3218bc81706cd13a826378af2f00dc3a"
Content-Type: application/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: ZuC0HU61YRmQFu24M5oZJa0IerPRnFiKDLLN5PiYzULjooy8niQkfw==
x-amz-meta-s3b-last-modified: 20230731T082828Z

GET
H/1.1 200
OK jquery-qrcode.min.js Show response
4ytwebs.s3-accelerate.amazonaws.com/downs/js/ 25 KB
26 KB 656ms
220ms Script
application/javascript 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/js/jquery-qrcode.min.js
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 347531a9fd819d86af38da3f2bf2ad9e3df5f7ad9a5c783498ee37ea58212b26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:24 GMT
Via: 1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
x-amz-request-id: KEW6TYDSPM6D36W0
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 347531a9fd819d86af38da3f2bf2ad9e3df5f7ad9a5c783498ee37ea58212b26
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 25466
x-amz-id-2: 6y1lTuVLRNTLVsyQkIpJV03mklDai+5fnIhLSev6yTItcib49jWgKGXo6UNRgPAetTy6w+kW3no=
Last-Modified: Mon, 04 Sep 2023 21:57:30 GMT
Server: AmazonS3
ETag: "9112713c8bc8c7974ccb3c2d1fb55088"
Content-Type: application/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: iRixJEfGoyGgAzJdDr6v_U38YsnASiFgqNl3FukvT47Muh48FMDm6w==
x-amz-meta-s3b-last-modified: 20230731T082828Z

GET
H/1.1 200
OK bg1.png
4ytwebs.s3-accelerate.amazonaws.com/downs/img/ 42 KB
43 KB 308ms
232ms Image
image/png 52.222.239.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/img/bg1.png
Requested by: Host: sy0.tax
URL: https://sy0.tax/app.php?tg=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.239.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-239-26.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e64afacd54404830dbf314bc2384b6208fdd1b1311024944797bece810862e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sy0.tax/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Date: Fri, 08 Sep 2023 09:07:24 GMT
Via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
x-amz-request-id: KEWE327NQA3QX0HE
X-Amz-Cf-Pop: FRA56-P4
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 3e64afacd54404830dbf314bc2384b6208fdd1b1311024944797bece810862e7
X-Cache: Miss from cloudfront
Connection: keep-alive
Content-Length: 43141
x-amz-id-2: OQWxhtW30sIU+TR3Tw6sUImAD5JGuW6IFEBehAX0GaLlfNGVOhSA6gUQbXSzyQ9IPAuBcuDi7hg=
Last-Modified: Mon, 04 Sep 2023 21:57:30 GMT
Server: AmazonS3
ETag: "352405d81931e3c9032dc6f32d9708f5"
Content-Type: image/png
Accept-Ranges: bytes
X-Amz-Cf-Id: _Fz0--5C6PdhSVuQhtSpeKyKjwMHPRGflxiGDhcjHncITMwWmNJ-BA==
x-amz-meta-s3b-last-modified: 20230902T115544Z

GET
DATA 200
OK truncated
/ 12 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b411eeb305c35d277a0664ae271d1ef441e634ff209f317cc5436f7fd56da09b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 op.html Show response
4yt04.com/index.php/ 2 B
225 B 833ms
267ms XHR
text/html 107.148.51.230
PEG-HK

General

Check archive.org

Show headers Download Go to

Full URL

https://4yt04.com/index.php/op.html?code=

Requested by

Host: 4ytwebs.s3-accelerate.amazonaws.com
URL: https://4ytwebs.s3-accelerate.amazonaws.com/downs/js/jquery-2.2.4.min.js

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

107.148.51.230 , United States, ASN398478 (PEG-HK, US),

Reverse DNS

hsstmg17.yarkua.com

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Referer: https://sy0.tax/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 09:07:24 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery number| ix object| timer function| Play function| fungeturl function| Fingerprint2 object| stepNum string| ua string| unfold string| packUp string| copyTip string| openBrower string| unit string| more string| statePre string| stateDown string| stateIns string| s string| openDes string| faileTip string| only string| payState string| lang string| uaOther boolean| isWx boolean| isQQ boolean| isQQInstalled function| setStepClass function| bindInstallBtnEvent function| startStep function| describeFileStep function| downloadStep function| androidDownload function| getUrlParam function| swiperFn function| invitationCode function| payGetURL function| payFn function| payPoll function| Swiper function| ClipboardJS function| jquery-qrcode function| qrcode

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://sy0.tax/(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://989989.oss-cn-beijing.aliyuncs.com/wx/js/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://sy0.tax/(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://989989.oss-cn-beijing.aliyuncs.com/wx/js/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://989989.oss-cn-beijing.aliyuncs.com/wx/js/jquery.min.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4yt04.com
4ytwebs.s3-accelerate.amazonaws.com
989989.oss-cn-beijing.aliyuncs.com
sy0.tax
107.148.51.230
107.148.54.31
52.222.239.26
59.110.190.43
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
347531a9fd819d86af38da3f2bf2ad9e3df5f7ad9a5c783498ee37ea58212b26
3a74ade399aad09f216a28b22b223bc817e7f5d21d4e0e0017fff92ef5d89e64
3e64afacd54404830dbf314bc2384b6208fdd1b1311024944797bece810862e7
542f11ea3b826aac14e35f0630836d0eddd6e1bf21eec353d01d90d7c08e9125
7267fcb06f56b6c9e9ff14072e23040631e6da6088f3f4b622cb07ee0b6bd239
82c6ef0e5d13b11a6ba844a127b877265675d7a23e001ab0f39c30cdced2ab4b
ae23e86958221c0736bbec77f855f34f448000e30e0867151589c48dcd426caf
b411eeb305c35d277a0664ae271d1ef441e634ff209f317cc5436f7fd56da09b
b536cbadf594e8466203a532e8711270276ae76c5c5e468a6f3dabd273db0332
b74c53b83275539f5180de251e4746b8626971a9d6929def61a8fe4bc2ad29a0
c751a74fa44ae281a9385bf6b7cdfdd7158b0c8630c04d58fbf24d74fc795bfc
d1f70a0400d394bf3252f3055166587607387c11dc88a9aec928467c9f21656e
da5e0c847067d550409747d03f92a2cdf5fc3682f6f447e53f4213c2cb0ee62f
dd57e9c9d04c80f54bb2327ee82817e970a51e9ed62181898973b6db0a379aac