0.bluetopperer.online Open in urlscan Pro
104.248.199.158  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://ez.co.il/tax-returns/ Page URL
2. https://local.specialadves.com/1QtY8z Page URL
3. https://brend.specialadves.com/away.php?id=223&sid=5267&pid=1643 Page URL
4. https://bluetopperer.online/go/gqyggylcgu5dkmryga?sub1=onlinewatch&sub2=gather Page URL
5. https://0.bluetopperer.online/index.php?p=gqyggylcgu5dkmryga&sub1=onlinewatch&sub2=gather Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	/ Show response ez.co.il/tax-returns/	70 KB 18 KB	1005ms 530ms	Document text/html	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash 4894e09c6749819c16920757dfd096377951bf289f71a18266c2c30dc66d9400 Request headers Accept-Language de-DE,de;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Cache-Control max-age=0 Connection Upgrade, Keep-Alive Content-Encoding gzip Content-Length 18006 Content-Type text/html; charset=UTF-8 Date Wed, 30 Mar 2022 16:51:57 GMT Expires Wed, 30 Mar 2022 16:51:57 GMT Keep-Alive timeout=2, max=100 Link <https://ez.co.il/wp-json/>; rel="https://api.w.org/", <https://ez.co.il/?p=137>; rel=shortlink Server Apache/6.6.6 Upgrade h2,h2c Vary Accept-Encoding,User-Agent
GET H/1.1	200 OK	noise.js javasripts.classicpartnerships.com/	499 B 656 B	1428ms 1104ms	Script text/plain	111.90.143.157 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://javasripts.classicpartnerships.com/noise.js?v=1.9.9 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Thu, 31 Mar 2022 00:52:02 GMT Server nginx Connection keep-alive Content-Length 499 Content-Type text/plain; charset=utf-8
GET H/1.1	200 OK	rtl.css ez.co.il/wp-content/themes/Newspaper-child/	9 KB 3 KB	91ms 91ms	Stylesheet text/css	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-content/themes/Newspaper-child/rtl.css?ver=4.9.20 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash 244177a05d971d935d3cc3269c8a4c7856d33a87c082ac8fb49214874b9e5f0c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Fri, 02 Jul 2021 06:26:53 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Upgrade h2,h2c Cache-Control max-age=31536000, public Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css; charset=utf-8 Keep-Alive timeout=2, max=100 Content-Length 2572 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H/1.1	200 OK	settings.css ez.co.il/wp-content/plugins/revslider/rs-plugin/css/	54 KB 9 KB	120ms 90ms	Stylesheet text/css	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-content/plugins/revslider/rs-plugin/css/settings.css?ver=4.6.93 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash 8cf272f71df4c1da72cc6cac3e29e1099160a69a96825a6491783b41ed68e217 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Tue, 29 Mar 2016 22:20:24 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Content-Type text/css; charset=utf-8 Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 9093 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H/1.1	200 OK	style.css ez.co.il/wp-content/themes/Newspaper/	1 MB 115 KB	199ms 108ms	Stylesheet text/css	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-content/themes/Newspaper/style.css?ver=4.9.20 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash 679d379ab4492a3734f43920a55ecf78b4fa1d403dd2ffcbe1c4a7d3d9baecae Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Thu, 29 Jun 2017 12:49:32 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Content-Type text/css; charset=utf-8 Cache-Control max-age=31536000, public Transfer-Encoding chunked Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H/1.1	200 OK	td_live_css_frontend.css ez.co.il/wp-content/plugins/td-composer/css-live/assets/css/	3 KB 1 KB	213ms 90ms	Stylesheet text/css	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-content/plugins/td-composer/css-live/assets/css/td_live_css_frontend.css?ver=4.9.20 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash 0d0dfc70ab3db84058dd4b90dbe958364689df7635d4be1b00a12aebcf3dd7ef Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Sun, 16 Jul 2017 15:25:00 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Content-Type text/css; charset=utf-8 Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=98 Content-Length 887 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H2	200	css fonts.googleapis.com/	29 KB 2 KB	138ms 50ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans%3A300italic%2C400%2C400italic%2C600%2C600italic%2C700%7CRoboto%3A300%2C400%2C400italic%2C500%2C500italic%2C700%2C900&ver=8.0 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c5ce197df2a08c859ba6eb38f2faa49e181fd63fd28d7a6ba5bb9dda035bea26 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 30 Mar 2022 16:30:47 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 30 Mar 2022 16:51:58 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 30 Mar 2022 16:51:58 GMT
GET H/1.1	200 OK	js_composer.min.css ez.co.il/wp-content/plugins/js_composer/assets/css/	451 KB 44 KB	275ms 109ms	Stylesheet text/css	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.4.7 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Mon, 30 Apr 2018 14:33:48 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Upgrade h2,h2c Cache-Control max-age=31536000, public Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css; charset=utf-8 Keep-Alive timeout=2, max=100 Content-Length 44917 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H/1.1	200 OK	style.css ez.co.il/wp-content/themes/Newspaper-child/	9 KB 3 KB	261ms 93ms	Stylesheet text/css	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-content/themes/Newspaper-child/style.css?ver=8.0 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash 64709cccd4c57da61b4c0b9ea8095d045ee2c179736f211090e95b4a29f0c334 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Wed, 28 Apr 2021 10:19:18 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Upgrade h2,h2c Cache-Control max-age=31536000, public Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css; charset=utf-8 Keep-Alive timeout=2, max=100 Content-Length 2261 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H/1.1	200 OK	jquery.js Show response ez.co.il/wp-includes/js/jquery/	95 KB 33 KB	270ms 100ms	Script application/javascript	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-includes/js/jquery/jquery.js?ver=1.12.4 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Thu, 05 Sep 2019 01:27:25 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Upgrade h2,h2c Cache-Control max-age=31536000, public Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type application/javascript; charset=utf-8 Keep-Alive timeout=2, max=100 Content-Length 33776 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H/1.1	200 OK	jquery-migrate.min.js Show response ez.co.il/wp-includes/js/jquery/	10 KB 4 KB	305ms 91ms	Script application/javascript	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Wed, 28 Jun 2017 15:37:00 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Content-Type application/javascript; charset=utf-8 Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=97 Content-Length 4014 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H/1.1	200 OK	jquery.themepunch.tools.min.js Show response ez.co.il/wp-content/plugins/revslider/rs-plugin/js/	98 KB 34 KB	365ms 102ms	Script application/javascript	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.tools.min.js?ver=4.6.93 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash bc4167870364383537b76a35af54fcb3146a0a9757e1ab89571ee1a32d43ea43 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Tue, 29 Mar 2016 22:20:45 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Content-Type application/javascript; charset=utf-8 Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 34312 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H/1.1	200 OK	jquery.themepunch.revolution.min.js Show response ez.co.il/wp-content/plugins/revslider/rs-plugin/js/	107 KB 26 KB	365ms 98ms	Script application/javascript	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-content/plugins/revslider/rs-plugin/js/jquery.themepunch.revolution.min.js?ver=4.6.93 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash 7e5efee0efab67664f43a04820573d1631e792052aeeedb3163b6d0579ec3e34 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Tue, 29 Mar 2016 22:20:40 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Content-Type application/javascript; charset=utf-8 Cache-Control max-age=31536000, public Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=99 Content-Length 26458 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET H/1.1	200 OK	rtl.css ez.co.il/wp-content/themes/Newspaper-child/	9 KB 3 KB	264ms 96ms	Stylesheet text/css	80.179.230.185 PARTNER-AS
General Check archive.org Show headers Download Go to Full URL https://ez.co.il/wp-content/themes/Newspaper-child/rtl.css Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 80.179.230.185 , Israel, ASN12400 (PARTNER-AS, IL), Reverse DNS ez.spd.co.il Software Apache/6.6.6 / Resource Hash 244177a05d971d935d3cc3269c8a4c7856d33a87c082ac8fb49214874b9e5f0c Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/tax-returns/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Wed, 30 Mar 2022 16:51:58 GMT Content-Encoding gzip Last-Modified Fri, 02 Jul 2021 06:26:53 GMT Server Apache/6.6.6 Vary Accept-Encoding,User-Agent Upgrade h2,h2c Cache-Control max-age=31536000, public Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css; charset=utf-8 Keep-Alive timeout=2, max=100 Content-Length 2572 Expires Thu, 30 Mar 2023 16:51:58 GMT
GET		adsbygoogle.js pagead2.googlesyndication.com/pagead/js/	0 0
GET		/ secure.gravatar.com/avatar/	0 0
GET		logo1-1.png ez.co.il/wp-content/uploads/2016/02/	0 0
GET		Tax-Refund-EZ-696x412.jpg ez.co.il/wp-content/uploads/2016/02/	0 0
GET H/1.1	200 OK	step.js Show response walk.classicpartnerships.com/	499 B 656 B	808ms 155ms	Script text/plain	111.90.143.157 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://walk.classicpartnerships.com/step.js Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software nginx / Resource Hash 96481e2f18408b727eecf133520b71bf09559bd597e6ee386d50908faa1da190 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Date Thu, 31 Mar 2022 00:52:02 GMT Server nginx Connection keep-alive Content-Length 499 Content-Type text/plain; charset=utf-8
GET		aff_i ezmedia.go2cloud.org/	0 0
GET		pixel rtb.mfadsrvr.com/	0 0
GET		aff_i ezmedia.go2cloud.org/	0 0
GET		logo1-1.png www.ez.co.il/wp-content/uploads/2016/02/	0 0
GET		style.css ez.co.il/wp-content/plugins/widget-countdown/includes/style/	0 0
GET		dashicons.min.css ez.co.il/wp-includes/css/	0 0
GET		thickbox.css ez.co.il/wp-includes/js/thickbox/	0 0
GET		tagdiv_theme.js ez.co.il/wp-content/themes/Newspaper/js/	0 0
GET		comment-reply.min.js ez.co.il/wp-includes/js/	0 0
GET		front_end_js.js ez.co.il/wp-content/plugins/widget-countdown/includes/javascript/	0 0
GET		thickbox.js ez.co.il/wp-includes/js/thickbox/	0 0
GET		1QtY8z local.specialadves.com/	0 0
GET H/1.1	200 OK	1QtY8z local.specialadves.com/	719 B 1 KB	1044ms 712ms	Document text/html	111.90.143.157 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://local.specialadves.com/1QtY8z Requested by Host: javasripts.classicpartnerships.com URL: https://javasripts.classicpartnerships.com/noise.js?v=1.9.9 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://ez.co.il/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Access-Control-Allow-Origin * Cache-Control no-cache, no-store, must-revalidate,post-check=0,pre-check=0 Connection keep-alive Content-Length 719 Content-Type text/html; charset=UTF-8 Date Thu, 31 Mar 2022 00:52:04 GMT Expires 0 Last-Modified Wed, 30 Mar 2022 16:52:00 GMT Pragma no-cache Server nginx Vary Accept-Encoding
GET H/1.1	200 OK	away.php brend.specialadves.com/	856 B 616 B	1312ms 154ms	Document text/html	111.90.143.157 SHINJIRU-MY-AS-AP...
General Check archive.org Show headers Download Go to Full URL https://brend.specialadves.com/away.php?id=223&sid=5267&pid=1643 Requested by Host: local.specialadves.com URL: https://local.specialadves.com/1QtY8z Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 111.90.143.157 Kuala Lumpur, Malaysia, ASN45839 (SHINJIRU-MY-AS-AP Shinjiru Technology Sdn Bhd, MY), Reverse DNS server1.kamon.la Software nginx / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://local.specialadves.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Connection keep-alive Content-Encoding gzip Content-Length 413 Content-Type text/html; charset=UTF-8 Date Thu, 31 Mar 2022 00:52:05 GMT Server nginx Vary Accept-Encoding
GET		gqyggylcgu5dkmryga bluetopperer.online/go/	0 0
GET H2	200	gqyggylcgu5dkmryga Show response bluetopperer.online/go/	18 KB 18 KB	401ms 21ms	Document text/html	104.248.199.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://bluetopperer.online/go/gqyggylcgu5dkmryga?sub1=onlinewatch&sub2=gather Requested by Host: brend.specialadves.com URL: https://brend.specialadves.com/away.php?id=223&sid=5267&pid=1643 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.248.199.158 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 538aa6a442bea8d0d7a2f1429da73c8ab8405c13d6b2325b6afdadb649f5004e Security Headers Name Value Content-Security-Policy img-src https: data:; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://brend.specialadves.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers access-control-allow-origin * content-security-policy img-src https: data:; upgrade-insecure-requests content-type text/html; charset=UTF-8 date Wed, 30 Mar 2022 16:52:02 GMT server nginx strict-transport-security max-age=31536000
GET		b71698fd2.js bluetopperer.online/	0 0
GET H2	200	Primary Request index.php Show response 0.bluetopperer.online/	50 KB 51 KB	32ms 24ms	Document text/html	104.248.199.158 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://0.bluetopperer.online/index.php?p=gqyggylcgu5dkmryga&sub1=onlinewatch&sub2=gather Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.248.199.158 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash 46c4ee388e774289eb8b4385575cf26175b8dab4ec174c580b36d548c4fb8a9e Security Headers Name Value Content-Security-Policy img-src https: data:; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://bluetopperer.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers access-control-allow-origin * content-security-policy img-src https: data:; upgrade-insecure-requests content-type text/html; charset=UTF-8 date Wed, 30 Mar 2022 16:52:02 GMT server nginx strict-transport-security max-age=31536000
GET		b71698fd2.js 0.bluetopperer.online/	0 0
GET DATA	200 OK	truncated /	24 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	3 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ Show response di1.biz/	0 264 B	81ms 27ms	Document text/html	143.198.248.63 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://di1.biz/?auf=hbqwenjtg45dcnrqgixtkmrygaxtqlzsmvstim3fmmyc6mruf4ytmnbygy2tsmjsgi&p=b&sub1=onlinewatch&sub2=gather&sub3=&sub4=&cpc=0&cpm=0 Requested by Host: ez.co.il URL: https://ez.co.il/tax-returns/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 143.198.248.63 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy img-src https: data:; upgrade-insecure-requests Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://0.bluetopperer.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36 Response headers access-control-allow-origin * content-security-policy img-src https: data:; upgrade-insecure-requests content-type text/html; charset=UTF-8 date Wed, 30 Mar 2022 16:52:02 GMT server nginx strict-transport-security max-age=31536000

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Domain

secure.gravatar.com

URL

https://secure.gravatar.com/avatar/?s=80&d=mm&r=g

Domain

ez.co.il

URL

https://ez.co.il/wp-content/uploads/2016/02/logo1-1.png

Domain

ez.co.il

URL

https://ez.co.il/wp-content/uploads/2016/02/Tax-Refund-EZ-696x412.jpg

Domain

ezmedia.go2cloud.org

URL

https://ezmedia.go2cloud.org/aff_i?offer_id=6&aff_id=2&aff_sub=

Domain

rtb.mfadsrvr.com

URL

https://rtb.mfadsrvr.com/pixel?id=494378&type=img

Domain

ezmedia.go2cloud.org

URL

https://ezmedia.go2cloud.org/aff_i?offer_id=6&aff_id=15

Domain

www.ez.co.il

URL

https://www.ez.co.il/wp-content/uploads/2016/02/logo1-1.png

Domain

ez.co.il

URL

https://ez.co.il/wp-content/plugins/widget-countdown/includes/style/style.css?ver=4.9.20

Domain

ez.co.il

URL

https://ez.co.il/wp-includes/css/dashicons.min.css?ver=4.9.20

Domain

ez.co.il

URL

https://ez.co.il/wp-includes/js/thickbox/thickbox.css?ver=4.9.20

Domain

ez.co.il

URL

https://ez.co.il/wp-content/themes/Newspaper/js/tagdiv_theme.js?ver=8.0

Domain

ez.co.il

URL

https://ez.co.il/wp-includes/js/comment-reply.min.js?ver=4.9.20

Domain

ez.co.il

URL

https://ez.co.il/wp-content/plugins/widget-countdown/includes/javascript/front_end_js.js?ver=4.9.20

Domain

ez.co.il

URL

https://ez.co.il/wp-includes/js/thickbox/thickbox.js?ver=3.1-20121105

Domain

local.specialadves.com

URL

https://local.specialadves.com/1QtY8z

Domain

bluetopperer.online

URL

https://bluetopperer.online/go/gqyggylcgu5dkmryga?sub1=onlinewatch&sub2=gather

Domain

bluetopperer.online

URL

https://bluetopperer.online/b71698fd2.js

Domain

0.bluetopperer.online

URL

https://0.bluetopperer.online/b71698fd2.js

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			local.specialadves.com/	1970-01-20 02:42:17	Name: _subid Value: dce8g762448ab085391
			local.specialadves.com/	1970-02-08 03:56:44	Name: af1c2 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0XCI6MTY0ODY1OTEyMH0sXCJjYW1wYWlnbnNcIjp7XCIxXCI6MTY0ODY1OTEyMH0sXCJ0aW1lXCI6MTY0ODY1OTEyMH0ifQ.2elAYa2xYnNyUaM6vzb3fiOjLPxQeTlttY-BcXvNyaE
			.bluetopperer.online/	1970-01-20 02:40:51	Name: uuid Value: d941761e-9c59-413e-8c59-064cf7277a24
			.0.bluetopperer.online/	1970-01-20 02:40:51	Name: uuid Value: d941761e-9c59-413e-8c59-064cf7277a24
			di1.biz/	1970-01-20 02:40:51	Name: uuid Value: 400a1818-1dad-4b02-9f9f-6ce73ccacdd4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.bluetopperer.online
bluetopperer.online
brend.specialadves.com
di1.biz
ez.co.il
ezmedia.go2cloud.org
fonts.googleapis.com
javasripts.classicpartnerships.com
local.specialadves.com
pagead2.googlesyndication.com
rtb.mfadsrvr.com
secure.gravatar.com
walk.classicpartnerships.com
www.ez.co.il
0.bluetopperer.online
bluetopperer.online
ez.co.il
ezmedia.go2cloud.org
local.specialadves.com
pagead2.googlesyndication.com
rtb.mfadsrvr.com
secure.gravatar.com
www.ez.co.il
104.248.199.158
111.90.143.157
143.198.248.63
2a00:1450:4001:811::200a
80.179.230.185
0d0dfc70ab3db84058dd4b90dbe958364689df7635d4be1b00a12aebcf3dd7ef
244177a05d971d935d3cc3269c8a4c7856d33a87c082ac8fb49214874b9e5f0c
46c4ee388e774289eb8b4385575cf26175b8dab4ec174c580b36d548c4fb8a9e
4894e09c6749819c16920757dfd096377951bf289f71a18266c2c30dc66d9400
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
538aa6a442bea8d0d7a2f1429da73c8ab8405c13d6b2325b6afdadb649f5004e
64709cccd4c57da61b4c0b9ea8095d045ee2c179736f211090e95b4a29f0c334
679d379ab4492a3734f43920a55ecf78b4fa1d403dd2ffcbe1c4a7d3d9baecae
6cbf5ff9c2945171c3f93c38e9c67d4b98fb5354a3c95cf4910259780c1fb9b0
7e5efee0efab67664f43a04820573d1631e792052aeeedb3163b6d0579ec3e34
8cf272f71df4c1da72cc6cac3e29e1099160a69a96825a6491783b41ed68e217
96481e2f18408b727eecf133520b71bf09559bd597e6ee386d50908faa1da190
a72fd7760f623c9fd5fee0bd98df809a347471902fc479bcdae38681c1a071d1
bc4167870364383537b76a35af54fcb3146a0a9757e1ab89571ee1a32d43ea43
c5ce197df2a08c859ba6eb38f2faa49e181fd63fd28d7a6ba5bb9dda035bea26
ca7a07233506b5529a951fd2c4580757f5606d874b8a2b0a153d14a418b201ef
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f46bb0aafc668b4a997c8f2bf2b9612722575d5123d728ee15924ae9b2b9e1b1