www.expressfly.co.il Open in urlscan Pro
35.157.62.102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.expressfly.co.il/
Effective URL:
https://www.expressfly.co.il/pagelogin
Submission: On June 24 via manual (June 24th 2020, 8:17:52 pm UTC) from IL

Summary HTTP 86 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 23 domains to perform 86 HTTP transactions. The main IP is 35.157.62.102, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.expressfly.co.il.
TLS certificate: Issued by Amazon on June 19th 2020. Valid for: a year.

This is the only time www.expressfly.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 4	35.157.62.102 35.157.62.102	16509 (AMAZON-02) (AMAZON-02)
12	2600:9000:20e... 2600:9000:20eb:9800:12:57c7:c780:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2600:9000:218... 2600:9000:2182:8200:15:d3fe:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:84e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
9	52.219.72.72 52.219.72.72	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:218... 2600:9000:2182:4600:1d:49ee:1b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1 2	23.111.9.38 23.111.9.38	33438 (HIGHWINDS2) (HIGHWINDS2)
1	143.204.94.117 143.204.94.117	16509 (AMAZON-02) (AMAZON-02)
3	52.217.39.110 52.217.39.110	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:20:... 2606:4700:20::681a:214	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	13.226.156.38 13.226.156.38	16509 (AMAZON-02) (AMAZON-02)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.26.11.16 104.26.11.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	52.44.102.22 52.44.102.22	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
1	143.204.101.121 143.204.101.121	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	34.198.66.178 34.198.66.178	14618 (AMAZON-AES) (AMAZON-AES)
1	13.226.154.38 13.226.154.38	16509 (AMAZON-02) (AMAZON-02)
1	74.125.206.155 74.125.206.155	15169 (GOOGLE) (GOOGLE)
86	30

4 35.157.62.102 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-62-102.eu-central-1.compute.amazonaws.com

www.expressfly.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:9000:20eb:9800:12:57c7:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)

dyzyahse2i42m.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2182:8200:15:d3fe:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d22mqwd3ypwcpb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.219.72.72 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: s3.eu-central-1.amazonaws.com

s3.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2182:4600:1d:49ee:1b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

d16tr0byigrcd.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
smartair-image.travelyo-cdn.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.9.38 (Phoenix, United States) 1 redirects

ASN33438 (HIGHWINDS2, US)

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.117 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-117.fra50.r.cloudfront.net

62084356.adoric-om.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.217.39.110 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:214 (United States)

ASN13335 (CLOUDFLARENET, US)

js.nagich.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.226.156.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-38.dus51.r.cloudfront.net

d10lpsik1i8c69.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.11.16 (United States)

ASN13335 (CLOUDFLARENET, US)

settings.luckyorange.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.44.102.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-102-22.compute-1.amazonaws.com

app.adoric-om.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-121.fra50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7a0b:: (United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.198.66.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-66-178.compute-1.amazonaws.com

raac33.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.154.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-154-38.dus51.r.cloudfront.net

static.adoric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.206.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	cloudfront.net dyzyahse2i42m.cloudfront.net d22mqwd3ypwcpb.cloudfront.net d16tr0byigrcd.cloudfront.net d10lpsik1i8c69.cloudfront.net d2wy8f7a9ursnm.cloudfront.net	1 MB
12	amazonaws.com s3.eu-central-1.amazonaws.com s3.amazonaws.com	130 KB
7	google-analytics.com 2 redirects www.google-analytics.com	47 KB
6	adoric-om.com 62084356.adoric-om.com app.adoric-om.com	43 KB
4	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net bid.g.doubleclick.net	1 KB
4	expressfly.co.il 2 redirects www.expressfly.co.il	26 KB
3	nagich.co.il js.nagich.co.il	45 KB
3	google.com www.google.com	722 B
2	facebook.net connect.facebook.net	72 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com	813 B
2	googletagmanager.com www.googletagmanager.com	61 KB
2	cloudflare.com cdnjs.cloudflare.com	20 KB
1	adoric.com static.adoric.com	175 KB
1	raac33.net raac33.net	760 B
1	bugsnag.com sessions.bugsnag.com	140 B
1	facebook.com www.facebook.com	377 B
1	google.de www.google.de	107 B
1	luckyorange.net settings.luckyorange.net	1 KB
1	googleadservices.com www.googleadservices.com	12 KB
1	gstatic.com www.gstatic.com	127 KB
1	travelyo-cdn.site smartair-image.travelyo-cdn.site	2 KB
1	googleapis.com ajax.googleapis.com	13 KB
0	travelyo-local.com Failed www.travelyo-local.com Failed
86	23

	Domain	Requested by
12	dyzyahse2i42m.cloudfront.net	www.expressfly.co.il
9	s3.eu-central-1.amazonaws.com	www.expressfly.co.il
7	www.google-analytics.com	2 redirects www.googletagmanager.com www.google-analytics.com www.expressfly.co.il
6	d10lpsik1i8c69.cloudfront.net	www.expressfly.co.il d10lpsik1i8c69.cloudfront.net
6	d16tr0byigrcd.cloudfront.net	www.expressfly.co.il
6	d22mqwd3ypwcpb.cloudfront.net	www.expressfly.co.il
5	app.adoric-om.com	cdnjs.cloudflare.com 62084356.adoric-om.com
4	www.expressfly.co.il	2 redirects www.expressfly.co.il
3	js.nagich.co.il	www.expressfly.co.il cdnjs.cloudflare.com
3	s3.amazonaws.com	www.expressfly.co.il 62084356.adoric-om.com
3	www.google.com	www.expressfly.co.il www.gstatic.com
2	stats.g.doubleclick.net	www.expressfly.co.il
2	connect.facebook.net	www.expressfly.co.il connect.facebook.net
2	cdn.mouseflow.com	1 redirects www.expressfly.co.il
2	www.googletagmanager.com	www.expressfly.co.il
2	cdnjs.cloudflare.com	www.expressfly.co.il
1	bid.g.doubleclick.net	www.googleadservices.com
1	static.adoric.com	www.expressfly.co.il
1	raac33.net	www.expressfly.co.il
1	sessions.bugsnag.com	cdnjs.cloudflare.com
1	d2wy8f7a9ursnm.cloudfront.net	s3.amazonaws.com
1	www.facebook.com	www.expressfly.co.il
1	www.google.de	www.expressfly.co.il
1	googleads.g.doubleclick.net	www.googleadservices.com
1	settings.luckyorange.net	cdnjs.cloudflare.com
1	www.googleadservices.com	www.googletagmanager.com
1	62084356.adoric-om.com	www.expressfly.co.il
1	www.gstatic.com	www.google.com
1	smartair-image.travelyo-cdn.site	www.expressfly.co.il
1	ajax.googleapis.com	www.expressfly.co.il
0	www.travelyo-local.com Failed	www.expressfly.co.il
86	31

This site contains links to these domains. Also see Links.

Domain
clicktime.symantec.com
he.americanexpress.co.il
s3.eu-central-1.amazonaws.com
www.facebook.com
instagram.com
www.youtube.com
bit.ly
www.travelyo.com

Subject Issuer	Validity	Valid
www.expressfly.co.il Amazon	`2020-06-19` - `2021-07-21`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.s3.eu-central-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-10`	a year	crt.sh
smartair-image.travelyo-cdn.site Amazon	`2020-02-12` - `2021-03-12`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.mouseflow.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-12` - `2022-09-14`	2 years	crt.sh
adoric.com Amazon	`2020-04-15` - `2021-05-15`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-06` - `2020-10-09`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
raac33.net Amazon	`2019-08-04` - `2020-09-04`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.expressfly.co.il/pagelogin
Frame ID: 58C5F3E245CDFC45A39EFEBBD1017EEC
Requests: 81 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNGJoUAAAAAArz3UHKH-jIemuFrlRip59u9vjt&co=aHR0cHM6Ly93d3cuZXhwcmVzc2ZseS5jby5pbDo0NDM.&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&size=invisible&cb=c7x3yquoe883
Frame ID: F07A686183D5AC4F5196D52FBB65ACAC
Requests: 1 HTTP requests in this frame

Frame: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Frame ID: 8D9A3A8F51846A5731DD1D6ADE16CC53
Requests: 3 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: 91628D273EAE99A4CFB20D58D0D46342
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.expressfly.co.il/ HTTP 302
https://www.expressfly.co.il/pagelogin Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\/bugsnag.*\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery-ui.*\.js/i

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery-ui.*\.js/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

86
Requests

97 %
HTTPS

55 %
IPv6

23
Domains

31
Subdomains

30
IPs

4
Countries

2013 kB
Transfer

4144 kB
Size

19
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://clicktime.symantec.com/3SjdRoMDC6WyuU7mZ5T8Vtx6H2?u=https%3A%2F%2Fhe.americanexpress.co.il%2F%3Futm_source%3DExpressFlyWebSite%26utm_medium%3DBanner%26utm_campaign%3DExpressFly

Search URL Search Domain Scan URL

URL: https://he.americanexpress.co.il/cards-clubs/?utm_source=ExtraFlyWebSite&utm_medium=Banner&utm_campaign=CardsClubs
Title: להצטרפות

Search URL Search Domain Scan URL

URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/Terms/%D7%AA%D7%A0%D7%90%D7%99%D7%9D+%D7%9B%D7%9C%D7%9C%D7%99%D7%9D+%D7%9C%D7%9E%D7%99%D7%9E%D7%95%D7%A9+%D7%94%D7%98%D7%91%D7%94+%D7%91%D7%90%D7%9E%D7%A6%D7%A2%D7%95%D7%AA+%D7%A0%D7%A7%D7%95%D7%93%D7%95%D7%AA+MR.pdf
Title: התנאים הכלליים

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Smartair/1630541850526049

Search URL Search Domain Scan URL

URL: https://instagram.com/smartair.co.il/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UChN_ssLdkFFehOfz660Qnaw

Search URL Search Domain Scan URL

URL: http://bit.ly/2JDBbYL
Title: תקנון Membership Rewards

Search URL Search Domain Scan URL

URL: https://he.americanexpress.co.il/personalarea/login/?returnUrl=https%3A%2F%2Fhe.americanexpress.co.il%2Fpersonalarea%2Fpoints-balance%2F&utm_source=ExpressFlyWebSite&utm_medium=Banner&utm_campaign=Exp
Title: כמה נקודות יש לי?

Search URL Search Domain Scan URL

URL: https://he.americanexpress.co.il/contact-us/benefit-form/-1/International-Partners/?utm_source=WebSiteExpressFly&utm_medium=Banner&utm_campaign=InternationalPartners
Title: לפניות בנושא נקודות והעברת נקודות

Search URL Search Domain Scan URL

URL: http://www.travelyo.com/?utm_source=smartairHP&utm_medium=smartair&utm_campaign=smartair

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.expressfly.co.il/ HTTP 302
https://www.expressfly.co.il/pagelogin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.expressfly.co.il/backend/user/credentials?_t=1593029853673 HTTP 302
https://www.expressfly.co.il/pagelogin?r=%2Fbackend%2Fuser%2Fcredentials%3F_t%3D1593029853673

Request Chain 43

https://cdn.mouseflow.com/projects/10ec278a-a76b-4636-a4d1-72f5e8c71760.js HTTP 301
https://cdn.mouseflow.com/projects/10ec278a-a76b-4636-a4d1-72f5e8c71760_eu.js

Request Chain 65

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2121584520&t=pageview&_s=1&dl=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&ul=en-us&de=UTF-8&dt=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%A7%D7%9F%20%D7%90%D7%A7%D7%A1%D7%A4%D7%A8%D7%A1%20%7C%20%D7%94%D7%9E%D7%A8%D7%AA%20%D7%A0%D7%A7%D7%95%D7%93%D7%95%D7%AA%20%D7%98%D7%99%D7%A1%D7%94%20%D7%91%D7%A9%D7%99%D7%AA%D7%95%D7%A3%20Smartair&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEALQ~&jid=566820305&gjid=134712714&cid=1987677745.1593029854&tid=UA-136090027-2&_gid=1286569624.1593029854&_r=1&gtm=2wg6h1NTNFQXM&cd1=1987677745.1593029854&z=204945225 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136090027-2&cid=1987677745.1593029854&jid=566820305&_gid=1286569624.1593029854&gjid=134712714&_v=j83&z=204945225

Request Chain 74

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2121584520&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&ul=en-us&de=UTF-8&dt=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%A7%D7%9F%20%D7%90%D7%A7%D7%A1%D7%A4%D7%A8%D7%A1%20%7C%20%D7%94%D7%9E%D7%A8%D7%AA%20%D7%A0%D7%A7%D7%95%D7%93%D7%95%D7%AA%20%D7%98%D7%99%D7%A1%D7%94%20%D7%91%D7%A9%D7%99%D7%AA%D7%95%D7%A3%20Smartair&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adoric%20-%20PayWithAMEX&ea=Visitor&el=Adoric%20-%20Variation%20%231&_u=aHDAAEALQ~&jid=569453292&gjid=1240660800&cid=1987677745.1593029854&tid=UA-136090027-2&_gid=1286569624.1593029854&_r=1&z=27339645 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136090027-2&cid=1987677745.1593029854&jid=569453292&_gid=1286569624.1593029854&gjid=1240660800&_v=j83&z=27339645

86 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request pagelogin Show response
www.expressfly.co.il/
Redirect Chain

https://www.expressfly.co.il/
https://www.expressfly.co.il/pagelogin

49 KB
13 KB

31ms
30ms

Document
text/html

35.157.62.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.62.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-62-102.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/5.6.40
Resource Hash: d211f5626458eb85c9f3ec22921a9952644514432b69a2c6c89210eee03f03d0

Request headers

:method: GET
:authority: www.expressfly.co.il
:scheme: https
:path: /pagelogin
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 24 Jun 2020 20:17:33 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
vary: Accept-Encoding
x-powered-by: PHP/5.6.40
cache-control: public, s-maxage=601
x-content-digest: ena119f07e634c3baac1f84f8fc9a040760d21f90c303940d4243763b43ee2680b
age: 17
temp: true
content-encoding: gzip

Redirect headers

status: 302
date: Wed, 24 Jun 2020 20:17:33 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.16.1
x-powered-by: PHP/5.6.40
cache-control: no-cache
location: /pagelogin
temp: true

GET
H2 200 base.js Show response
dyzyahse2i42m.cloudfront.net/41.4/js/compiled/frontend/templates/airtlv/ 481 KB
128 KB 120ms
73ms Script
text/javascript 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/41.4/js/compiled/frontend/templates/airtlv/base.js?v=__V__341.4--18x.05prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6dbbe261c9b65dd743d3523b761f1b9a514dfddb3c86aa64cbe81bd93383bd5

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 15:39:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
status: 200
x-amz-cf-id: LGU3E5d78e_q2uzCU8Zg0ms8n61_RfCIV6ElmQCZbGo3Hylmn66b1w==
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)

GET
H2 200 datepicker-il.js Show response
dyzyahse2i42m.cloudfront.net/41.4/js/compiled/frontend/templates/airtlv/il/ 1 KB
944 B 78ms
31ms Script
text/javascript 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/41.4/js/compiled/frontend/templates/airtlv/il/datepicker-il.js?v=__V__341.4--18x.05prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80fee9995fe9bac4db522886cf5f49f9fc3b0484fc39841b1cba2cc38514b3b5

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 15:38:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
status: 200
x-amz-cf-id: uQiCRbTcjQgKSPU9WhwGdKc9lx49E322uofWZ18-yoGaA_qihHDYrw==
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)

GET
H2 200 slider-il.js Show response
dyzyahse2i42m.cloudfront.net/41.4/js/compiled/frontend/templates/airtlv/il/ 13 KB
3 KB 79ms
32ms Script
text/javascript 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/41.4/js/compiled/frontend/templates/airtlv/il/slider-il.js?v=__V__341.4--18x.05prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 423d4226e128f8a63317999bcc48fd391e24c3cba1828c039d88b5e25afa3b95

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 15:38:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
status: 200
x-amz-cf-id: dDTxYtwLW7FmeAfth0cMLoybSLTD3oQ8QqrBUq4cQlTp2yQBQFQ0sA==
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)

GET
H2 200 base.css
d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/ 28 KB
6 KB 167ms
111ms Stylesheet
text/css 2600:9000:2182:8200:15:d3fe:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/base.css?v=__V__204841.4--18x.05prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:8200:15:d3fe:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd391f52f36106dca28c43cd9867130d6d69e27841bbe74298a315d37b717e0f

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
last-modified: Sun, 21 Jun 2020 06:05:23 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: f4FHogYTV6FB0bPnyRj_8ITITu90qjvkiKaMgTOpvz8PfX_aZ89yYg==
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 708 B
571 B 25ms
23ms Script
text/javascript 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LeNGJoUAAAAAArz3UHKH-jIemuFrlRip59u9vjt

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6a267c8611069e58d55f84aac4a973f9a573c852f1af53679af0865c0fc518df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 1; mode=block
expires: Wed, 24 Jun 2020 20:17:33 GMT

GET
H2 200 jquery.cookie.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 3 KB
1 KB 19ms
17ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.js

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 11966374
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 03899399270000d6b9f0a28200000001
served-in-seconds: 0.000
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:20:12 GMT
server: cloudflare
etag: W/"5afd494c-c31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5a8922083c4fd6b9-FRA
expires: Mon, 14 Jun 2021 20:17:33 GMT

GET
H2 200 login-amex-b2b.js Show response
dyzyahse2i42m.cloudfront.net/41.4/js/compiled/frontend/templates/airtlv/ 16 KB
4 KB 87ms
40ms Script
text/javascript 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/41.4/js/compiled/frontend/templates/airtlv/login-amex-b2b.js?v=__V__341.4--18x.05prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b6f5b1b66d6d17e6d442d76efb0b486080a8228ad6b5071486ebccafa5eda00

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
last-modified: Mon, 22 Jun 2020 15:39:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
status: 200
x-amz-cf-id: e1fAqSIhS10QJC6SdWj_fncsOyZtEDXvYMst_S2OTYVUJpbpJiHGcw==
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)

GET
H2 200 login-b2b-hebrew.css
d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/ 326 KB
60 KB 199ms
143ms Stylesheet
text/css 2600:9000:2182:8200:15:d3fe:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/login-b2b-hebrew.css?v=__V__204841.4--18x.05prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:8200:15:d3fe:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 473992dee2aa9acf4e9a2e47ff709e28dc81a15f840bed2126eec423c52ff1d8

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
last-modified: Sun, 21 Jun 2020 06:05:07 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
status: 200
x-amz-cf-id: sCpfMI2Kk-01FcFPXAwSH7q5xPNtcqfg44bmT4s65d_SJ9phqyXR5g==
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)

GET
H2 200 il.css
d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/ 114 KB
18 KB 69ms
13ms Stylesheet
text/css 2600:9000:2182:8200:15:d3fe:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/il.css?v=__V__204841.4--18x.05prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:8200:15:d3fe:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9dde74836f2588b40e1fb6c53323d7cc00fe9157a5651a26c5c4f2678980324

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 16:06:18 GMT
content-encoding: gzip
last-modified: Sun, 21 Jun 2020 06:05:25 GMT
server: AmazonS3
age: 15076
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: p-iepmgKbGn91R7eZizXIdxjHTOcUw7in8VbDFhH6UdpUQjnatcRqQ==
via: 1.1 51054083366f59cdc509361d23d873eb.cloudfront.net (CloudFront)

GET
H2 200 jquery-ui-i18n.min.js Show response
ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/i18n/ 55 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jqueryui/1.11.1/i18n/jquery-ui-i18n.min.js

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0551a52e2be30b1992da4142ffe9b3918525e1c5cac4c9340e1267fa5e84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 08:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1164461
status: 200
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13063
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Jun 2021 08:49:52 GMT

GET
H/1.1 200
OK styleamex.css
s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/CSS/ 1003 B
1 KB 126ms
39ms Stylesheet
text/css 52.219.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/CSS/styleamex.css
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 61edee0f11a8ecf58fcd14f1b5339be279b7c45f31603dd7e2411dcb4b2a2925

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:34 GMT
Last-Modified: Wed, 10 Jun 2020 08:00:17 GMT
Server: AmazonS3
x-amz-request-id: 06E151593D6A8A32
ETag: "5a70559506e0a16d8e3b0766c2738e75"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1003
x-amz-id-2: alPpLSwCpsK6hau/k4tmXO/f7pZ7olbjVoSc+3Dn1NCcFx2S1zS3lW7Zbs7SZe+nCJE1GOwWnhY=

GET error.js
www.travelyo-local.com/ 0
0

GET
H2 200 tab_flight.png
d16tr0byigrcd.cloudfront.net/amex/images/ 3 KB
3 KB 74ms
20ms Image
image/png 2600:9000:2182:4600:1d:49ee:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16tr0byigrcd.cloudfront.net/amex/images/tab_flight.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:4600:1d:49ee:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 15c140c10c008dfd72d762465ef1bc6d6691af399c380217fd56d0e05c86a7fd

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 22:28:17 GMT
content-encoding: gzip
last-modified: Thu, 16 May 2019 14:09:40 GMT
server: AmazonS3
age: 78557
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: IQQTa1gKRNF_RJn1iEvWHmtU9WVx0ZLaBtHiZ7mQlma6CPjFc8l3tA==
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)

GET
H/1.1 200
OK Amex-negative_logo-194x70-new.png
s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/ 5 KB
5 KB 36ms
32ms Image
image/png 52.219.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/Amex-negative_logo-194x70-new.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b06a7cba9d53741631d1e1d5cc42c7fbfe3dbd97dfc7e3e96391b04b64f37e63

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:34 GMT
Last-Modified: Sun, 14 Apr 2019 13:10:51 GMT
Server: AmazonS3
x-amz-request-id: 5F08EDEC8105DA2A
ETag: "1767948c265eb407cbdb65d78623685e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5235
x-amz-id-2: pBH7qHL5YJ+6LpwD9TKphPKVnQPLK0nGWGb2CH5qDrJQ0/Usk4xWDfli7qhzOxRqjk7cYprNGzY=

GET
H/1.1 200
OK AMEX_EnvIcon1.png
s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/ 823 B
1 KB 70ms
34ms Image
image/png 52.219.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/AMEX_EnvIcon1.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a6627c943836976a00d2a7d04cc098b66c84db4034b5f433ec5462c7a50fff61

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:34 GMT
Last-Modified: Tue, 24 Sep 2019 15:38:03 GMT
Server: AmazonS3
x-amz-request-id: 92A6C8E78832ADF6
ETag: "110cf118ebba3c56ec3332c1f41eedd3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 823
x-amz-id-2: qkiKgZ+keV9URi6R5YmatfeWDhqz+EdUtbqRDI5LvhWWTz9n3hpvx5a3quaoQUfsQAP2EeoOyLg=

GET
H/1.1 200
OK social-media-icons_07.png
s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Footer/White+footer+2019/ 499 B
855 B 98ms
34ms Image
image/png 52.219.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Footer/White+footer+2019/social-media-icons_07.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: c41d8c2f93e9394b2fa0b4260cf5e5dd1e0d3bb84fdf64093a4aa22527d7c733

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:34 GMT
Last-Modified: Thu, 28 Mar 2019 14:48:15 GMT
Server: AmazonS3
x-amz-request-id: 5CC3CDF629709723
ETag: "430ce321ecae687a2155edf1584b2f1c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 499
x-amz-id-2: SAIaD1gLfbR10hDL04XywNJpUsMqWQPcGcTImjHNaYUANvkbE7guX/bN+uzGax7MfagnehTIq7Q=

GET
H/1.1 200
OK social-media-icons_05.png
s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Footer/White+footer+2019/ 862 B
1 KB 95ms
26ms Image
image/png 52.219.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Footer/White+footer+2019/social-media-icons_05.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 73b1f239e8ccd5014651ddbbb607c18d5eba19f7a71219a0d552df7926cc2726

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:34 GMT
Last-Modified: Thu, 28 Mar 2019 14:48:15 GMT
Server: AmazonS3
x-amz-request-id: 212E98DED27D999D
ETag: "4c534ed212b24b4e15750ab9ddc7d077"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 862
x-amz-id-2: lnOpAIaRuJh9O0b9NWu1+3LJkngExQa3aPOVJYvsCdk3BDEBrMQko/0hqjbUy9tt9Uwb7faY4uE=

GET
H/1.1 200
OK social-media-icons_03.png
s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Footer/White+footer+2019/ 623 B
979 B 107ms
36ms Image
image/png 52.219.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Footer/White+footer+2019/social-media-icons_03.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 272dd88b63d0e2b6163a8c4927bd3b235183025387c0c0f6554f503ae3ad6866

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:34 GMT
Last-Modified: Thu, 28 Mar 2019 14:48:14 GMT
Server: AmazonS3
x-amz-request-id: 94FD8014C5107667
ETag: "35670f65c2e22e9388d50dccb37c462a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 623
x-amz-id-2: ejik8H4if7WI9KPygMbdHmj9pboMgyWxJ1vq+5oqOhWaiaCqSo221EUZrjmP3my1fdY7owwyN30=

GET
H2 200 footer-logo-travelyo.png
smartair-image.travelyo-cdn.site/custom/Footer/ 2 KB
2 KB 81ms
19ms Image
image/png 2600:9000:2182:4600:1d:49ee:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://smartair-image.travelyo-cdn.site/custom/Footer/footer-logo-travelyo.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:4600:1d:49ee:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1e12d95c04b8efa1b5be1f3ecb6eb81ae23b7213ba2064d31b134fde40026dc

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Jun 2020 21:41:04 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
last-modified: Wed, 12 Feb 2020 08:36:20 GMT
server: AmazonS3
age: 945390
etag: "f8f8f095212e459d45fea63b5f7d4b08"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
x-amz-meta-img-processed: true
cache-control: public, max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 2057
x-amz-cf-id: xyL6z2XnftB7Y8aoDOpYpnCbsmAd-DKylla5qrJD9OWIgpS0FVj2-Q==

GET
H/1.1 200
OK FOOTER-new-amex_02.png
s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/ 15 KB
15 KB 108ms
36ms Image
image/png 52.219.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/FOOTER-new-amex_02.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f2dea0446240578c21fabfaebe5642762c3afa556d1cec965abb43555c26d40d

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:34 GMT
Last-Modified: Sun, 10 Feb 2019 15:13:00 GMT
Server: AmazonS3
x-amz-request-id: 975E0ED66486EEC9
ETag: "453020de8b9a83f23eec096b32ef3c97"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15059
x-amz-id-2: dmq3de9vMW40IwLk1TYc36QKAQFFwzgqXgIUxQWPWw29KDw26WhWC4CIZ9mmFR5v+FZ1xE0cj+g=

GET
H2 200 common.he.js Show response
dyzyahse2i42m.cloudfront.net/js-translation/ 13 KB
13 KB 57ms
56ms Script
application/octet-stream 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/js-translation/common.he.js?v=__trans__41.4prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06fbfb0c3fa7fa070b415113c4fe3bb69a55b814bc3935208c9b624a502e7701

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 09:04:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "b96cc20988d7e96507914ae5b412664e"
x-cache: Miss from cloudfront
content-type: application/octet-stream
status: 200
x-amz-meta-content-type: text/javascript
accept-ranges: bytes
content-length: 13272
x-amz-cf-id: zIoq1ueAr62ZFIvM1vN5JOSIuImTnK4bS5CcQ1dKL466cMYOfsPbJQ==

GET
H2 200 error_frontend.he.js Show response
dyzyahse2i42m.cloudfront.net/js-translation/ 7 KB
7 KB 9ms
8ms Script
application/octet-stream 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/js-translation/error_frontend.he.js?v=__trans__41.4prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e4297c949441da67f8dc65d7b79e3848f000de28df06504e4f35da8b485eddc

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 12:44:47 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 09:04:17 GMT
server: AmazonS3
age: 27167
etag: "acae64fb14e15e1916cea35ff594e3fa"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-meta-content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 7072
x-amz-cf-id: M8R-So6-ipXduZ5AVB7ChHLkxELwgu7xVkCQS2eyueIHIvqs8qgU1Q==

GET
H2 200 layout.he.js Show response
dyzyahse2i42m.cloudfront.net/js-translation/ 5 KB
6 KB 15ms
9ms Script
application/octet-stream 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/js-translation/layout.he.js?v=__trans__41.4prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8602ba8d9aa2374e24b0252993ca496d5cb8cc4089007c29e3aa005d48be28c9

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 09:47:24 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 09:04:15 GMT
server: AmazonS3
age: 37810
etag: "de0c9064f7dd21f2d089eab301e85f69"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-meta-content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 5317
x-amz-cf-id: 9E5Iojgws_uOYP1_-tPyEaQIkPoqMjfo5F7YYYbEMbj21zUHYjGoFQ==

GET
H2 200 blocks.he.js Show response
dyzyahse2i42m.cloudfront.net/js-translation/ 2 KB
3 KB 15ms
9ms Script
application/octet-stream 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/js-translation/blocks.he.js?v=__trans__41.4prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f80022ea56e2fa7af2d5a5bfbe54b585646d442135c4fe86f9f43a6c3b010034

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 13:41:07 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 09:04:13 GMT
server: AmazonS3
age: 23787
etag: "156950bb535471fee3096670ab6b3c5c"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-meta-content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2419
x-amz-cf-id: aC6HzTvJ_EoX0QZGN9IKbUIx3XXo6YIj6TOeh43Jv9zIhaKxvqF7uA==

GET
H2 200 flightResult.he.js Show response
dyzyahse2i42m.cloudfront.net/js-translation/ 75 KB
75 KB 19ms
14ms Script
application/octet-stream 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/js-translation/flightResult.he.js?v=__trans__41.4prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4ae13c4f1ed90f380272217c5f2612e51e3902467dc6e537bb3d1bc25b6aa0d

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 13:41:07 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 09:04:14 GMT
server: AmazonS3
age: 23787
etag: "00934c0757b21eb6956325d864b1a45e"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-meta-content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 76716
x-amz-cf-id: RQuLKn4FgJoeHudiFxstStehQDf-wgnvX1aQBnsMvBbCOFHwQ2tNfQ==

GET
H2 200 search_engine.he.js Show response
dyzyahse2i42m.cloudfront.net/js-translation/ 11 KB
11 KB 19ms
14ms Script
application/octet-stream 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/js-translation/search_engine.he.js?v=__trans__41.4prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 29bef4cd3a952c74276f9ee1218113436bad72a7b910eebeea767ef59a19fc8d

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 13:41:07 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 09:04:16 GMT
server: AmazonS3
age: 23787
etag: "0382acf60b2e6db9f808db9a501bbab5"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-meta-content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10952
x-amz-cf-id: nI7JSRahHJHgum2Os-32jMgxHEpizoAKklXMFzbPUn92BxYdBkNHuQ==

GET
H2 200 package_result.he.js Show response
dyzyahse2i42m.cloudfront.net/js-translation/ 19 KB
19 KB 20ms
15ms Script
application/octet-stream 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/js-translation/package_result.he.js?v=__trans__41.4prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f5f56de5c3ab9abf5b7c473cbd3488024351a66bc1f5629aa344bfab599868d

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 12:44:47 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 09:04:15 GMT
server: AmazonS3
age: 27167
etag: "9d2e6112533ef3029c91f271fdf36e59"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-meta-content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 19124
x-amz-cf-id: YCytMopGpbzQW5pjHePBIDG1LDBkpSsN5KnHNzN0pc_58G8OLOCzUA==

GET
H2 200 packdyn.he.js Show response
dyzyahse2i42m.cloudfront.net/js-translation/ 15 KB
15 KB 20ms
15ms Script
application/octet-stream 2600:9000:20eb:9800:12:57c7:c780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyzyahse2i42m.cloudfront.net/js-translation/packdyn.he.js?v=__trans__41.4prod.31
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:9800:12:57c7:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ad2724f05fe24f435769cdd3bd3e0a85ef1b82f1beb4c051a7fa875b98887a45

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 13:41:07 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Mon, 15 Jun 2020 09:04:15 GMT
server: AmazonS3
age: 23787
etag: "4dbf2581b0cb8bc9a547b13c4719d210"
x-cache: Hit from cloudfront
content-type: application/octet-stream
status: 200
x-amz-meta-content-type: text/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 15295
x-amz-cf-id: i8bM1WMrKay37W6VvixWB2iEyf7yJUo5HbFpjH2FVmszfQukmcUWSg==

GET
H2

200

pagelogin Show response
www.expressfly.co.il/
Redirect Chain

https://www.expressfly.co.il/backend/user/credentials?_t=1593029853673
https://www.expressfly.co.il/pagelogin?r=%2Fbackend%2Fuser%2Fcredentials%3F_t%3D1593029853673

49 KB
13 KB

313ms
313ms

XHR
text/html

35.157.62.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.expressfly.co.il/pagelogin?r=%2Fbackend%2Fuser%2Fcredentials%3F_t%3D1593029853673
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.62.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-62-102.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.1 / PHP/5.6.40
Resource Hash: b02f6fed78a9fd2939fd2c1cf933425fefcf67cb60a4dee9dd6be805ad519d4c

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
x-content-digest: en68817989d5d94eb273399f3d7476347734623961729d4f07279a4b84801ee29a
server: nginx/1.16.1
age: 1
x-powered-by: PHP/5.6.40
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
status: 200
temp: true
cache-control: public, s-maxage=601

Redirect headers

date: Wed, 24 Jun 2020 20:17:33 GMT
server: nginx/1.16.1
x-powered-by: PHP/5.6.40
status: 302
content-type: text/html; charset=UTF-8
location: /pagelogin?r=%2Fbackend%2Fuser%2Fcredentials%3F_t%3D1593029853673
temp: true
cache-control: no-cache

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/ 323 KB
127 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LeNGJoUAAAAAArz3UHKH-jIemuFrlRip59u9vjt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1533bc39e2dd8ede3893909d6f42760e0598d075951447afe88158e57b0961a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 16:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Jun 2020 20:56:25 GMT
server: sffe
age: 99479
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129939
x-xss-protection: 0
expires: Wed, 23 Jun 2021 16:39:34 GMT

GET
H2 200 rollbar.min.js Show response
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 61 KB
18 KB 23ms
21ms Script
application/javascript 2606:4700::6810:84e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.expressfly.co.il/pagelogin
Origin: https://www.expressfly.co.il

Response headers

date: Wed, 24 Jun 2020 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 20524079
content-security-policy-report-only: default-src https: data: wss: 'unsafe-eval' 'unsafe-inline'; report-uri https://cdnjs.cloudflare.com/cdn-cgi/beacon/csp?req_id=5a892209cb4fd729
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0389939a190000d7293221c200000001
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Fri, 14 Sep 2018 18:00:51 GMT
server: cloudflare
etag: W/"5b9bf753-f4a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5a892209cb4fd729-FRA
expires: Mon, 14 Jun 2021 20:17:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
33 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTNFQXM

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

12ea1aa1beb84ff4ba2dd9ed7614844ec5c02812dfc1fdd5c68f513befc3d24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33242
x-xss-protection: 0
last-modified: Wed, 24 Jun 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jun 2020 20:17:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 88 KB
28 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5ZH5ZBN

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

010d81e907beaec1b9078a7d8f8384b94e1195fc4cac6cab0433ce27ed172773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:33 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28960
x-xss-protection: 0
last-modified: Wed, 24 Jun 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jun 2020 20:17:33 GMT

GET
H2 200 menu-top-separator.png
d16tr0byigrcd.cloudfront.net/amex/images/ 1 KB
1 KB 62ms
45ms Image
image/png 2600:9000:2182:4600:1d:49ee:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16tr0byigrcd.cloudfront.net/amex/images/menu-top-separator.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:4600:1d:49ee:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b531f5aa7c3e534676d2601364efb7fed756fb109123311bf1a8cba1cfe49673

Request headers

Referer: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/il.css?v=__V__204841.4--18x.05prod.31
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 04:54:13 GMT
content-encoding: gzip
last-modified: Sat, 15 Dec 2018 13:14:35 GMT
server: AmazonS3
age: 55401
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: -eXdKyG0tNK69EbQZlLQcdkjY58IATslg5rtJ13EhrnnaRtrYcCQlA==
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)

GET
H2 200 logo_free_size.png
d16tr0byigrcd.cloudfront.net/amex/images/ 5 KB
5 KB 61ms
58ms Image
image/png 2600:9000:2182:4600:1d:49ee:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16tr0byigrcd.cloudfront.net/amex/images/logo_free_size.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:4600:1d:49ee:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b06a7cba9d53741631d1e1d5cc42c7fbfe3dbd97dfc7e3e96391b04b64f37e63

Request headers

Referer: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/login-b2b-hebrew.css?v=__V__204841.4--18x.05prod.31
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 14:26:56 GMT
content-encoding: gzip
last-modified: Sun, 14 Apr 2019 13:12:08 GMT
server: AmazonS3
age: 21038
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: W0OqaDhX99g-CRaOyb6sFEb1OagRPOB9v46VAHL0LWVUFO8qjztIkw==
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)

GET
H2 200 slideshow1.jpg
d16tr0byigrcd.cloudfront.net/amex/images/ 589 KB
588 KB 22ms
19ms Image
image/jpeg 2600:9000:2182:4600:1d:49ee:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16tr0byigrcd.cloudfront.net/amex/images/slideshow1.jpg
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:4600:1d:49ee:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12690d668e4bd1f36aed0579305ab0288e49439792d5ea0b9030c9dce97693e4

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 07:42:57 GMT
content-encoding: gzip
last-modified: Wed, 13 Mar 2019 11:14:17 GMT
server: AmazonS3
age: 45277
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: 5Pr_FMKs48P-MLNknNJP_AbKNBMYGexWjN-hbApzWvJhTfAbV0afkg==
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)

GET
H2 200 logo-footer.png
d16tr0byigrcd.cloudfront.net/amex/images/ 19 KB
12 KB 55ms
54ms Image
image/jpeg 2600:9000:2182:4600:1d:49ee:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d16tr0byigrcd.cloudfront.net/amex/images/logo-footer.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:4600:1d:49ee:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 644733ed63d02291193cd419d5390d0bf1213cb510e0209936eed4abe61b4e73

Request headers

Referer: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/login-b2b-hebrew.css?v=__V__204841.4--18x.05prod.31
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 12:59:24 GMT
content-encoding: gzip
last-modified: Thu, 11 Apr 2019 12:12:07 GMT
server: AmazonS3
age: 26290
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/plain
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: a2CwRJ6nKhfivjBzGmRNdFuKQXJtGBkzmCbEs6BK15D-rrsgyNNBSQ==
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)

GET
H/1.1 200
OK strip-1140x101.png
s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Footer/White+footer+2019/ 599 B
955 B 52ms
41ms Image
image/png 52.219.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Footer/White+footer+2019/strip-1140x101.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: bbd82d81a1f9c995726726118ef9db2ec6485b0858011301fb73fd710977f86c

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:34 GMT
Last-Modified: Sun, 31 Mar 2019 13:27:50 GMT
Server: AmazonS3
x-amz-request-id: A7B636AFE8D4413A
ETag: "5c0c888cf5e5782a1b4868a958625b7d"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 599
x-amz-id-2: dPuGbvE5E1C+FLjo/urgOG0B6OaFXMFoytof608HbJXMMAyBs5TgUSLkwdbFAqrXykeBbwU06gU=

GET
H2 200 opensanshebrew-regular-webfont.ttf
d22mqwd3ypwcpb.cloudfront.net/bundles/travelyotemplate/templates/airtlv/fonts/he/Open_Sans_Hebrew_Fixed/ 22 KB
23 KB 35ms
13ms Font
binary/octet-stream 2600:9000:2182:8200:15:d3fe:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22mqwd3ypwcpb.cloudfront.net/bundles/travelyotemplate/templates/airtlv/fonts/he/Open_Sans_Hebrew_Fixed/opensanshebrew-regular-webfont.ttf
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:8200:15:d3fe:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f0851c05ce3383d4a5571622c078e14ebc6c23bbfe217cd06ea377220c34e50

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/login-b2b-hebrew.css?v=__V__204841.4--18x.05prod.31
Origin: https://www.expressfly.co.il

Response headers

date: Wed, 24 Jun 2020 16:06:35 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
age: 15059
x-cache: Hit from cloudfront
status: 200
content-length: 22792
last-modified: Tue, 19 Nov 2019 14:50:34 GMT
server: AmazonS3
etag: "9e20aadc92b7571702dfbc1b6b1e4260"
vary: Origin
access-control-allow-methods: PUT, POST, DELETE, GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-cf-id: 0WU3-AOiv5_3g2gTeBsj9d4F-m-FHmnwbCON7Z7I2lxCfSHpLL0AjA==

GET
H2 200 glyphicons-halflings-regular.woff
d22mqwd3ypwcpb.cloudfront.net/bundles/travelyotemplate/libraries/bootstrap-3.2.0/fonts/ 23 KB
23 KB 89ms
67ms Font
application/x-font-woff 2600:9000:2182:8200:15:d3fe:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22mqwd3ypwcpb.cloudfront.net/bundles/travelyotemplate/libraries/bootstrap-3.2.0/fonts/glyphicons-halflings-regular.woff
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:8200:15:d3fe:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/login-b2b-hebrew.css?v=__V__204841.4--18x.05prod.31
Origin: https://www.expressfly.co.il

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 23320
last-modified: Sun, 06 Sep 2015 20:27:18 GMT
server: AmazonS3
etag: "68ed1dac06bf0409c18ae7bc62889170"
vary: Origin
access-control-allow-methods: PUT, POST, DELETE, GET
content-type: application/x-font-woff
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: max-age=2592000,public
accept-ranges: bytes
x-amz-cf-id: vauD3c1nN4oJsAnH0scQ_kqLapFmkWH6vBL1LgW91fW1TziUy2niYQ==
expires: Thu, 31 Dec 2015 23:00:00 GMT

GET
H2 200 opensanshebrew-bold-webfont.ttf
d22mqwd3ypwcpb.cloudfront.net/bundles/travelyotemplate/templates/airtlv/fonts/he/Open_Sans_Hebrew_Fixed/ 23 KB
23 KB 111ms
90ms Font
binary/octet-stream 2600:9000:2182:8200:15:d3fe:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d22mqwd3ypwcpb.cloudfront.net/bundles/travelyotemplate/templates/airtlv/fonts/he/Open_Sans_Hebrew_Fixed/opensanshebrew-bold-webfont.ttf
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:8200:15:d3fe:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1457d2b2119fa338dd6a007349c69d07ab35d1ef98cf9c04a50c867a86724fa7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/login-b2b-hebrew.css?v=__V__204841.4--18x.05prod.31
Origin: https://www.expressfly.co.il

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
via: 1.1 cfe78f21e6a560afb18f3b92eb4e9605.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
status: 200
content-length: 23124
last-modified: Tue, 19 Nov 2019 14:50:34 GMT
server: AmazonS3
etag: "96281dd4dc06691a4c85ad65649a1c24"
vary: Origin
access-control-allow-methods: PUT, POST, DELETE, GET
content-type: binary/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: C1OXmWiHvnAEdCcc96JEx-1gptVRONVgVn7miRYe9NBJ7UO4BoGEsA==

GET
H2 200 fontawesome-webfont.woff2
d16tr0byigrcd.cloudfront.net/amex/images/ 75 KB
76 KB 52ms
21ms Font
images/woff2 2600:9000:2182:4600:1d:49ee:1b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d16tr0byigrcd.cloudfront.net/amex/images/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:4600:1d:49ee:1b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://d22mqwd3ypwcpb.cloudfront.net/amex/41.4/css/compiled/frontend/templates/airtlv/login-b2b-hebrew.css?v=__V__204841.4--18x.05prod.31
Origin: https://www.expressfly.co.il

Response headers

date: Wed, 24 Jun 2020 13:40:21 GMT
via: 1.1 2e790b4fedc0451605346ca92a7755a8.cloudfront.net (CloudFront)
vary: Origin
age: 23833
x-cache: Hit from cloudfront
status: 200
content-length: 77160
last-modified: Tue, 22 Oct 2019 22:28:03 GMT
server: AmazonS3
etag: "af7ae505a9eed503f8b8e6982036873e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: images/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: _QKB-qKMCIezeZtHHV56oCRPjuXr1A0xMpBUqJBtlHfslJTKR67_lw==

GET
H/1.1 200
OK american-express-194x70.png
s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/ 3 KB
4 KB 31ms
30ms Image
image/png 52.219.72.72
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.eu-central-1.amazonaws.com/img.smartair.co.il/custom/Amex/american-express-194x70.png
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.72.72 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: s3.eu-central-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6e5af01309dc04d343834de16dc1f427f647f8cb3196c7f1ab9fb826fc26cf3e

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:34 GMT
Last-Modified: Wed, 06 Mar 2019 15:23:53 GMT
Server: AmazonS3
x-amz-request-id: 05C2EE5F0A159698
ETag: "a199371c0573ba01ca719950d6ae0c68"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3423
x-amz-id-2: TX0jzEk8k3UzEZpk7KtkfGvWDPRgx29kA+YL7u/+Gk5T2LOrVCkKDTZxq/MaN4jddfaGErEXveo=

GET
H2

200

10ec278a-a76b-4636-a4d1-72f5e8c71760_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/10ec278a-a76b-4636-a4d1-72f5e8c71760.js
https://cdn.mouseflow.com/projects/10ec278a-a76b-4636-a4d1-72f5e8c71760_eu.js

764 B
661 B

53ms
53ms

Script
application/javascript

23.111.9.38
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/10ec278a-a76b-4636-a4d1-72f5e8c71760_eu.js
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.38 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
last-modified: Sat, 20 Jun 2020 07:35:08 GMT
server: NetDNA-cache/2.2
etag: W/"82839a52d546d61:0"
status: 200
x-cache: MISS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400

Redirect headers

status: 301
date: Wed, 24 Jun 2020 20:17:33 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
content-length: 178
location: https://cdn.mouseflow.com/projects/10ec278a-a76b-4636-a4d1-72f5e8c71760_eu.js
content-type: text/html

GET
H2 200 adoric.js Show response
62084356.adoric-om.com/ 122 KB
34 KB 242ms
131ms Script
text/javascript 143.204.94.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://62084356.adoric-om.com/adoric.js

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.94.117 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-94-117.fra50.r.cloudfront.net

Software

nginx /

Resource Hash

6270ca6532d17e3a996f0fecdec424d482e6b36e104a60a533c465b53434fa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
access-control-allow-origin: *
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1e97a-TbEaD8IX488e77wqn1nD7YUm7Dc"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=900
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials
x-amz-cf-id: hu-ZDvLCc10IRPYo-YU1ktJosg-yBz1kf6Pai8VfjoGrSrcDX0DseQ==

GET
H/1.1 200
OK abandonaid-expressfly.co.il.js Show response
s3.amazonaws.com/aascript/expressfly.co.il/ 81 KB
81 KB 478ms
132ms Script
application/javascript 52.217.39.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/aascript/expressfly.co.il/abandonaid-expressfly.co.il.js
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.39.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a56d3d026e8a0540b5f9c249040132ceddec21390650e9ac7dc2a4be6c0e477b

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:35 GMT
Last-Modified: Fri, 02 Aug 2019 08:32:24 GMT
Server: AmazonS3
x-amz-request-id: D43AE39EDFA5C728
ETag: "d296e873049964a366020d7820c3b024"
Content-Type: application/javascript
x-amz-version-id: H8bRyJXnYzdVDaV6jA9qaDzRqTaa5K1o
Accept-Ranges: bytes
Content-Length: 82849
x-amz-id-2: uOTSYUay02eOYD595COIpPpxLqyuX0TcHrvQPQsFFMeOkvPsLAT++KqgThdkHHAp9XMLYjPMB/g=

GET
H2 200 accessibility.js Show response
js.nagich.co.il/core/1.0.2/ 122 KB
42 KB 41ms
21ms Script
application/javascript 2606:4700:20::681a:214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il/core/1.0.2/accessibility.js
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1ee0f0ea49f57fdeb7857f9fa204849a838e34b46187c8348bfbc00271b71835

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.expressfly.co.il/pagelogin
Origin: https://www.expressfly.co.il

Response headers

date: Wed, 24 Jun 2020 20:17:33 GMT
content-encoding: br
cf-cache-status: HIT
age: 371519
x-powered-by: ASP.NET
status: 200
cf-request-id: 0389939a9c0000c272d58ff200000001
last-modified: Wed, 24 Apr 2019 13:16:56 GMT
server: cloudflare
etag: W/"dc0cefd9ffad41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 5a89220a9eddc272-FRA

GET
H2 200 w.js Show response
d10lpsik1i8c69.cloudfront.net/ 5 KB
3 KB 103ms
38ms Script
application/javascript 13.226.156.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efae8a06e2c2688ba0844bf43025c26e2b49b781674d6a7cd0d63c27493620b6

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 19:37:36 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 13:53:22 GMT
server: AmazonS3
age: 2423
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=3600
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: Z4PkhVYJimsAyUOL3s9-7RXEa38cA9nTmq19m6QZx8G5FDggnFgVOQ==
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame F07A 0
0 32ms
31ms Document
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeNGJoUAAAAAArz3UHKH-jIemuFrlRip59u9vjt&co=aHR0cHM6Ly93d3cuZXhwcmVzc2ZseS5jby5pbDo0NDM.&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&size=invisible&cb=c7x3yquoe883

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/NMoy4HgGiLr5NAQaEQa2ho8X/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GlMYYuk4eoDQy3t7AqUwIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LeNGJoUAAAAAArz3UHKH-jIemuFrlRip59u9vjt&co=aHR0cHM6Ly93d3cuZXhwcmVzc2ZseS5jby5pbDo0NDM.&hl=en&v=NMoy4HgGiLr5NAQaEQa2ho8X&size=invisible&cb=c7x3yquoe883
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.expressfly.co.il/pagelogin
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.expressfly.co.il/pagelogin

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Jun 2020 20:17:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-GlMYYuk4eoDQy3t7AqUwIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9805
server: GSE
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 90ms
40ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTNFQXM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

3f14ff0f57b27f1e0459c59a78e0a7fd1fad98f564db51661098075063ce9696

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11037
x-xss-protection: 0
server: cafe
etag: 3141712289946324312
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 24 Jun 2020 20:17:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTNFQXM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4874
date: Wed, 24 Jun 2020 18:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Wed, 24 Jun 2020 20:56:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 133 KB
34 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34036
x-xss-protection: 0
pragma: public
x-fb-debug: os0tUs23EkQl3Pqi+j6f7pQlyxBoAELGTBOsE5lz+wXUEPO1UMVu8Z3ZWx+QSI9gnEZVZ2aHZ9gcT04orLan1w==
x-fb-trip-id: 1781455057
x-frame-options: DENY
date: Wed, 24 Jun 2020 20:17:33 GMT, Wed, 24 Jun 2020 20:17:33 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
settings.luckyorange.net/ 2 KB
1 KB 259ms
196ms Fetch
application/json 104.26.11.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://settings.luckyorange.net/?u=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&s=220206

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.11.16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41b748d9b8699821b42cd77209b18546e968afa4d19ef72893976e9bafdb9743

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.expressfly.co.il
access-control-allow-credentials: true
cf-ray: 5a89220c0f48c765-AMS
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Keep-Alive,X-Requested-With,If-Modified-Since
cf-request-id: 0389939b820000c765c3a63200000001

GET
H2 200 default.css Show response
js.nagich.co.il//style/ 11 KB
3 KB 15ms
14ms XHR
text/css 2606:4700:20::681a:214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il//style/default.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: afcd0a001bc5519b8ba24710d014dd7150d7838ceab0aa97f9342e959ab7b821

Request headers

Accept: */*
Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 123518
x-powered-by: ASP.NET
status: 200
cf-request-id: 0389939b740000c272d590c200000001
last-modified: Tue, 02 Jun 2020 10:08:19 GMT
server: cloudflare
etag: W/"802b52bdc538d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 5a89220be9dcc272-FRA

GET
H2 200 btncolor.css Show response
js.nagich.co.il//style/ 103 B
221 B 22ms
21ms XHR
text/css 2606:4700:20::681a:214
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.nagich.co.il//style/btncolor.css
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:214 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119

Request headers

Accept: */*
Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 315124
x-powered-by: ASP.NET
status: 200
cf-request-id: 0389939b760000c272d590d200000001
last-modified: Mon, 11 Feb 2019 10:07:59 GMT
server: cloudflare
etag: W/"e97d81aaf1c1d41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
access-control-allow-credentials: true
cf-ray: 5a89220bf9e7c272-FRA

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 69 KB
27 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-NFDHGRM&t=gtm&cid=1987677745.1593029854

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

92b36b46ebc3925bcb7fac21f3b3b1e8c0a6b7e0e2af44ae8cbd67f3ecef2a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27987
x-xss-protection: 0
last-modified: Wed, 24 Jun 2020 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 24 Jun 2020 20:17:34 GMT

GET
H2 200 573880302733081 Show response
connect.facebook.net/signals/config/ 150 KB
38 KB 52ms
51ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/573880302733081?v=2.9.21&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

367e6138a65234c66d9ac28dee8f8450d387b54c26d087c3b7e126afa79d7990

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 9TOs/DCXU1ZOMn30rmb+OZe6H6CRHVOneoe+5qrCrQvrbQI4xUqwW9Nh7F0xCgoXAetQqE422QOo6HXAqTWY1w==
x-fb-trip-id: 1781455057
x-frame-options: DENY
date: Wed, 24 Jun 2020 20:17:34 GMT, Wed, 24 Jun 2020 20:17:34 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/951484888/ 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/951484888/?random=1593029854159&cv=9&fst=1593029854159&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6h1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&tiba=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%A7%D7%9F%20%D7%90%D7%A7%D7%A1%D7%A4%D7%A8%D7%A1%20%7C%20%D7%94%D7%9E%D7%A8%D7%AA%20%D7%A0%D7%A7%D7%95%D7%93%D7%95%D7%AA%20%D7%98%D7%99%D7%A1%D7%94%20%D7%91%D7%A9%D7%99%D7%AA%D7%95%D7%A3%20Smartair&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c085c7486d2e28dccf0a8cf5512ad8a4b4f458c8f4a1b2bc7638b26081b965f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1080
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK adoric.v2.min.css
s3.amazonaws.com/adoric-static/ 162 KB
12 KB 379ms
134ms Stylesheet
text/css 52.217.39.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/adoric-static/adoric.v2.min.css
Requested by: Host: 62084356.adoric-om.com
URL: https://62084356.adoric-om.com/adoric.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.39.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fb7e82e38f222cf3a530ed8ebe4ebafb65e7e14ca135cf9bd8eb33f843f3a86d

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:35 GMT
Content-Encoding: gzip
Last-Modified: Mon, 21 Oct 2019 09:44:34 GMT
Server: AmazonS3
x-amz-request-id: 3F11905629E01E4C
ETag: "a3e0d04f73f768c61d9d1fd7d8c5d7ea"
Content-Type: text/css
Cache-Control: max-age=900
Accept-Ranges: bytes
Content-Length: 12270
x-amz-id-2: 4RQCfp82UMg2j2d+ZKDY+AdtblfXOseoO3PTvYa6VZgjWcPWGdqZkNQ8x+67XXHKGkvmIRzX1S8=

GET
H2 200 / Show response
app.adoric-om.com/v1/campaigns/ 8 KB
2 KB 387ms
150ms XHR
application/json 52.44.102.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.adoric-om.com/v1/campaigns/?user=1b644604f2ac6f476dfa80ea54ffb193&language=en&countryCode=0&browser=notIdentified&os=mac&href=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&device=desktop&currentShowsPerSession=0&partDay=E&newVisit=true&tz=-120&cIds=%5B%5D

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.102.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-102-22.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fd1b6e6facb6ad1746b148d5c02504c3991bec6ede85a27a8e95658fe1970b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"1ec1-v471EggmJn+fzXT3ciC/Kv34PCY"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H2 200 /
www.google.com/pagead/1p-user-list/951484888/ 42 B
151 B 20ms
19ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/951484888/?random=1593029854159&cv=9&fst=1593028800000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6h1&sendb=1&frm=0&url=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&tiba=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%A7%D7%9F%20%D7%90%D7%A7%D7%A1%D7%A4%D7%A8%D7%A1%20%7C%20%D7%94%D7%9E%D7%A8%D7%AA%20%D7%A0%D7%A7%D7%95%D7%93%D7%95%D7%AA%20%D7%98%D7%99%D7%A1%D7%94%20%D7%91%D7%A9%D7%99%D7%AA%D7%95%D7%A3%20Smartair&async=1&fmt=3&is_vtc=1&random=3658895618&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jun 2020 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/951484888/ 42 B
107 B 26ms
25ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/951484888/?random=1593029854159&cv=9&fst=1593028800000&num=1&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg6h1&sendb=1&frm=0&url=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&tiba=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%A7%D7%9F%20%D7%90%D7%A7%D7%A1%D7%A4%D7%A8%D7%A1%20%7C%20%D7%94%D7%9E%D7%A8%D7%AA%20%D7%A0%D7%A7%D7%95%D7%93%D7%95%D7%AA%20%D7%98%D7%99%D7%A1%D7%94%20%D7%91%D7%A9%D7%99%D7%AA%D7%95%D7%A3%20Smartair&async=1&fmt=3&is_vtc=1&random=3658895618&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 24 Jun 2020 20:17:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
377 B 18ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=573880302733081&ev=PageView&dl=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&rl=&if=false&ts=1593029854279&sw=1600&sh=1200&v=2.9.21&r=stable&ec=0&o=28&fbp=fb.2.1593029854277.636644637&it=1593029854111&coo=false&rqm=GET

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT, Wed, 24 Jun 2020 20:17:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 24 Jun 2020 20:17:34 GMT

GET
H2 200 clickstream.js Show response
d10lpsik1i8c69.cloudfront.net/js/ Frame 8D9A 286 KB
92 KB 479ms
404ms Script
application/javascript 13.226.156.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/w.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48319b8fc3f8116efd14ba55509e26e8f3a8331bd3346c3c311d586a3a52a849

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
Origin: https://www.expressfly.co.il

Response headers

date: Wed, 24 Jun 2020 20:17:35 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 13:53:21 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
status: 200
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31536000
x-cache: Miss from cloudfront
x-amz-cf-id: jwc1HMi1ZvT_7n8uu3uHksFXHFTKQsM9HCtOz4Ei3ESX1-4mpXUu9Q==
via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 19:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1308
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Wed, 24 Jun 2020 20:55:46 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2121584520&t=pageview&_s=1&dl=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&ul=en-us&de=UTF-8&dt=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%A7...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136090027-2&cid=1987677745.1593029854&jid=566820305&_gid=1286569624.1593029854&gjid=134712714&_v=j83&z=204945225

35 B
99 B

16ms
16ms

Image
image/gif

2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136090027-2&cid=1987677745.1593029854&jid=566820305&_gid=1286569624.1593029854&gjid=134712714&_v=j83&z=204945225

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Jun 2020 20:17:34 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jun 2020 20:17:34 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136090027-2&cid=1987677745.1593029854&jid=566820305&_gid=1286569624.1593029854&gjid=134712714&_v=j83&z=204945225
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v6/ 40 KB
13 KB 87ms
23ms Script
application/javascript 143.204.101.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by: Host: s3.amazonaws.com
URL: https://s3.amazonaws.com/aascript/expressfly.co.il/abandonaid-expressfly.co.il.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-121.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 26 Mar 2020 21:59:17 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 05 Feb 2020 15:23:02 GMT
Server: AmazonS3
Age: 7769895
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
Cache-Control: public, max-age=315360000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: Cytcrg4Yis0uv52Ux43xhTHLePg3yb2YkMvIXff-cbSWufxusDjpcA==

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
140 B 146ms
145ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://www.expressfly.co.il/pagelogin
Bugsnag-Sent-At: 2020-06-24T20:17:34.616Z
Bugsnag-Api-Key: ffa9fcd8d9436202408fc27d930fdfeb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
via: 1.1 google
status: 202
content-type: application/json
access-control-allow-origin: *
bugsnag-session-uuid: dac2f94e-650c-4433-8625-87f75535d215
alt-svc: clear
content-length: 21

GET
H/1.1 200
OK abandonaid.php
raac33.net/abandonaid/ 43 B
760 B 483ms
135ms Image
text/html 34.198.66.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://raac33.net/abandonaid/abandonaid.php?action_name=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%A7%D7%9F%20%D7%90%D7%A7%D7%A1%D7%A4%D7%A8%D7%A1%20%7C%20%D7%94%D7%9E%D7%A8%D7%AA%20%D7%A0%D7%A7%D7%95%D7%93%D7%95%D7%AA%20%D7%98%D7%99%D7%A1%D7%94%20%D7%91%D7%A9%D7%99%D7%AA%D7%95%D7%A3%20Smartair&idsite=3234&rec=1&r=073540&h=22&m=17&s=34&url=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&_id=1269e8c359f785fe&_idts=1593029855&_idvc=1&_idn=1&_refts=0&_viewts=1593029855&res=1600x1200&cookie=1
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.198.66.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-198-66-178.compute-1.amazonaws.com
Software: Apache/2.2.22 (Ubuntu) / PHP/5.3.10-1ubuntu3.26
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:35 GMT
Content-Encoding: gzip
Server: Apache/2.2.22 (Ubuntu)
X-Powered-By: PHP/5.3.10-1ubuntu3.26
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-control: no-cache="set-cookie"
Connection: keep-alive
Content-Length: 50

GET
H2 200 goals Show response
app.adoric-om.com/v1/analytics/ 36 B
566 B 123ms
122ms XHR
application/json 52.44.102.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.adoric-om.com/v1/analytics/goals?country=CH&language=en&userId=5abcadca6b8ada94004d4785&planType=freeMonthly&planId=5abf9f3fb0073ab900148bb2&domainId=5d402f46897afb00105c31e4&isVisible=true&referrer=direct&pathname=%2Fpagelogin&hostname=www.expressfly.co.il&newVisitor=true&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&platform=Linux%20x86_64&os=mac&browser=notIdentified&device=desktop&withAdoric=true&controlGroup=true&showedLbs=%7B%7D&clientId=kbtsued6suqq1x3ri6q&liftId=&sawLightbox=&goals=%5B%7B%22id%22%3A%225abcadca6b8ada94004d4785%22%2C%22domainVisit%22%3Atrue%2C%22new%22%3Atrue%7D%5D&location=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.102.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-102-22.compute-1.amazonaws.com

Software

nginx /

Resource Hash

acf31f46bf2c7e3628a51fcb55cdb7073a9ddce529425a8e7fe4c7215ac83177

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"24-fN14pmKMiDGp3T4YO2YC+1rR18s"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H2 200 / Show response
app.adoric-om.com/v1/versions/html/ 22 KB
5 KB 122ms
122ms XHR
application/json 52.44.102.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.adoric-om.com/v1/versions/html/?ids=5d9c2fd67d8e7c0011856513%2C5da304207f34cf00180a0310%2C5d402f7056b86b0017e17e7e&pIds=

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.102.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-102-22.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b5957045d099ef5f210636d1c7c0edf51937746034d9c363bdb2e00a0ef73c1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"59f7-4jxQO6TNxEvKfK1Ozq5Iz+TR8l4"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H/1.1 200
OK open-sans-hebrew-gf.css
s3.amazonaws.com/adoric-fonts/ 5 KB
5 KB 241ms
240ms Stylesheet
text/css 52.217.39.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/adoric-fonts/open-sans-hebrew-gf.css
Requested by: Host: 62084356.adoric-om.com
URL: https://62084356.adoric-om.com/adoric.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.39.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7d8ec817f29aaee1a163f736b29df89635bbaa748e465ec55dba2f0eafb0258c

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:35 GMT
Last-Modified: Thu, 19 Apr 2018 11:36:35 GMT
Server: AmazonS3
x-amz-request-id: 18B4728EECBCD022
ETag: "e041bafe1cefa957c3e1da26a1658bce"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 5110
x-amz-id-2: G4KPmlpE8IEy9PokWTZpfeuH+IsBdxSmJM0YZ8L/UnAreVLzjQOtdxvHf6N3EO3kgTq4IoejGRM=

GET
H2 200 fonts
app.adoric-om.com/brand/ 516 B
712 B 359ms
123ms Stylesheet
text/css 52.44.102.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.adoric-om.com/brand/fonts?id=5abcadca6b8ada94004d4785

Requested by

Host: 62084356.adoric-om.com
URL: https://62084356.adoric-om.com/adoric.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.102.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-102-22.compute-1.amazonaws.com

Software

nginx /

Resource Hash

38fd1bfe0ec594b8a8e2f5f463c78398fb4c969f3f66d90ae3caea39deb68bf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"204-zXCVVdRqjfwVgxwqTdUdn1AxpwE"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H/1.1 200
OK Chrome_Message_AMEX.gif
static.adoric.com/1570964556846_gdwmk1nian9/ 174 KB
175 KB 594ms
450ms Image
application/octet-stream 13.226.154.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adoric.com/1570964556846_gdwmk1nian9/Chrome_Message_AMEX.gif
Requested by: Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.154.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-154-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b9c84a9fa900f04d59f2d20ff2f707c9b263cef6fc28f6b18bdef5da054e914

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 24 Jun 2020 20:17:36 GMT
Via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)
Last-Modified: Sun, 13 Oct 2019 11:02:42 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "18b6722644a705cd6b5171797ac180da"
x-amz-meta-cache-control: max-age=31536000
X-Cache: Miss from cloudfront
x-amz-version-id: ZAuDgz7UQDKhSLI7Sk5svqaGrohF1i6M
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/octet-stream
Content-Length: 178314
X-Amz-Cf-Id: b98yzmCop0Gv1aPVzC5BuOEvpLlbxsS9n2SnwQdEYMIjHHAjYHyR9g==

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2121584520&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&ul=en-us&de=UTF-8&dt=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136090027-2&cid=1987677745.1593029854&jid=569453292&_gid=1286569624.1593029854&gjid=1240660800&_v=j83&z=27339645

35 B
99 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136090027-2&cid=1987677745.1593029854&jid=569453292&_gid=1286569624.1593029854&gjid=1240660800&_v=j83&z=27339645

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 24 Jun 2020 20:17:34 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 24 Jun 2020 20:17:34 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-136090027-2&cid=1987677745.1593029854&jid=569453292&_gid=1286569624.1593029854&gjid=1240660800&_v=j83&z=27339645
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
106 B 6ms
6ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=2121584520&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&ul=en-us&de=UTF-8&dt=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%A7%D7%9F%20%D7%90%D7%A7%D7%A1%D7%A4%D7%A8%D7%A1%20%7C%20%D7%94%D7%9E%D7%A8%D7%AA%20%D7%A0%D7%A7%D7%95%D7%93%D7%95%D7%AA%20%D7%98%D7%99%D7%A1%D7%94%20%D7%91%D7%A9%D7%99%D7%AA%D7%95%D7%A3%20Smartair&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adoric%20-%20News%20-%20Footer%20%20Copy%207%2F30%2F2019&ea=Visitor&el=Adoric%20-%20Variation%20%231&_u=aHDAAEALQ~&jid=&gjid=&cid=1987677745.1593029854&tid=UA-136090027-2&_gid=1286569624.1593029854&z=1164225755

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jun 2020 22:14:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1288966
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 showed Show response
app.adoric-om.com/v1/statistics/ 48 B
579 B 124ms
124ms XHR
application/json 52.44.102.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://app.adoric-om.com/v1/statistics/showed?lightboxId=5da304207f34cf00180a0310&campaignId=5da304207f34cf00180a0313&domainId=5d402f46897afb00105c31e4&planId=5abf9f3fb0073ab900148bb2&planType=freeMonthly&userId=5abcadca6b8ada94004d4785&newPeople=true&control=&clientId=kbtsued6suqq1x3ri6q&robotStatisticId=null&robotId=null&steps=

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.44.102.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-44-102-22.compute-1.amazonaws.com

Software

nginx /

Resource Hash

42082180abf9ab29a6b9c7055ee0f56e6f32267a69d3fb3f4482c2aa756369fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 20:17:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
status: 200
vary: Accept-Encoding
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"30-I5o9YqBwYM+hATM7wHHgatdwXu8"
x-download-options: noopen
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Credentials

GET
H2 200 collect
www.google-analytics.com/ 35 B
106 B 6ms
5ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j83&a=2121584520&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin&ul=en-us&de=UTF-8&dt=Expressfly%20%D7%90%D7%9E%D7%A8%D7%99%D7%A7%D7%9F%20%D7%90%D7%A7%D7%A1%D7%A4%D7%A8%D7%A1%20%7C%20%D7%94%D7%9E%D7%A8%D7%AA%20%D7%A0%D7%A7%D7%95%D7%93%D7%95%D7%AA%20%D7%98%D7%99%D7%A1%D7%94%20%D7%91%D7%A9%D7%99%D7%AA%D7%95%D7%A3%20Smartair&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Adoric%20-%20AMEX_Chrome%20NEW&ea=Impression&el=Adoric%20-%20Variation%20%231&_u=aHDAAEALQ~&jid=&gjid=&cid=1987677745.1593029854&tid=UA-136090027-2&_gid=1286569624.1593029854&z=696387518

Requested by

Host: www.expressfly.co.il
URL: https://www.expressfly.co.il/pagelogin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jun 2020 22:14:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1288967
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel
bid.g.doubleclick.net/xbbe/ Frame 9162 0
0 105ms
39ms Document
text/html 74.125.206.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bid.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=KAE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.expressfly.co.il/pagelogin
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.expressfly.co.il/pagelogin

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 24 Jun 2020 20:17:35 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUk7KmksQQH2mF9X3u-C9fYpBoPhhhcZCZ3Ztz6XNc9W7RFdUeu1Rc-wfCT0; expires=Fri, 24-Jun-2022 20:17:35 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 24 Jun 2020 20:17:35 GMT
cache-control: private

GET
H2 200 blink_green.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
2 KB 30ms
29ms Image
image/png 13.226.156.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/blink_green.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 22:52:43 GMT
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 13:53:21 GMT
server: AmazonS3
age: 77092
etag: "2e4ff7ec8bf18d247ee942621e0f9d65"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1283
x-amz-cf-id: D2FYLB_1MkfPM5eK_ThEZ0aaRiFTJjg1A0fnd5TKOmNY9ntejqADFA==

GET
H2 200 logo-light.png
d10lpsik1i8c69.cloudfront.net/graphics/ 1 KB
1 KB 45ms
44ms Image
image/png 13.226.156.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/logo-light.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 22:52:44 GMT
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 13:53:22 GMT
server: AmazonS3
age: 77093
etag: "35ce74c31e3ef54462a234340af702d7"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1143
x-amz-cf-id: y8-_BvBdWqWvn--JhnP278RD9BiFwp4EznEwwdIcJ7qRmEcqg6WjLA==

GET
H2 200 sound-on-white.png
d10lpsik1i8c69.cloudfront.net/graphics/ 277 B
619 B 30ms
30ms Image
image/png 13.226.156.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d10lpsik1i8c69.cloudfront.net/graphics/sound-on-white.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 23 Jun 2020 23:03:31 GMT
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jun 2020 13:53:21 GMT
server: AmazonS3
age: 76445
etag: "76f1993de0fd323f67cece8d8e63bfa2"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 277
x-amz-cf-id: 2TPZGbRmKBG2TcHIGGUFcOXvlrnWHr3XVyY24WODQMg5oOXa8BL1xg==

GET
H2 200 reset.css
d10lpsik1i8c69.cloudfront.net/css/ 2 KB
1 KB 29ms
29ms Stylesheet
text/css 13.226.156.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d10lpsik1i8c69.cloudfront.net/css/reset.css
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.156.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-38.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245

Request headers

Referer: https://www.expressfly.co.il/pagelogin
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Jun 2020 13:53:32 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 13:53:21 GMT
server: AmazonS3
age: 1146244
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: pQ9qaTkb1XqDEASrnwERkX4VvDgTYoqr07ufYKy9HOeXYrJjqnF98A==
via: 1.1 2395e6175733260a159a0b484ed8febd.cloudfront.net (CloudFront)

GET
BLOB 200
OK 84c1c7b8-814e-4ec9-8b72-ca455c157a5b
https://www.expressfly.co.il/ Frame 8D9A 0
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.expressfly.co.il/84c1c7b8-814e-4ec9-8b72-ca455c157a5b
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 0

GET
BLOB 200
OK a67affcf-dda9-454a-82be-d36176c9d450
https://www.expressfly.co.il/ Frame 8D9A 30 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.expressfly.co.il/a67affcf-dda9-454a-82be-d36176c9d450
Requested by: Host: d10lpsik1i8c69.cloudfront.net
URL: https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=fdf89d8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 83c9688107b373823973bcf48dd284bfbca6d5c23153b86bbd8512cec1404a3d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length: 31224

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.travelyo-local.com
URL: https://www.travelyo-local.com/error.js

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.expressfly.co.il/	1970-01-19 14:49:41	Name: __lotl Value: https%3A%2F%2Fwww.expressfly.co.il%2Fpagelogin
.expressfly.co.il/	1970-01-19 19:16:05	Name: _lo_v Value: 1
.expressfly.co.il/	1970-01-20 04:01:41	Name: _lo_uid Value: 220206-1593029854140-cbd9b2b8841818fb
www.expressfly.co.il/	1969-12-31 23:59:59	Name: adoric_popup Value: true
.expressfly.co.il/	1970-01-19 10:30:29	Name: _gat Value: 1
www.expressfly.co.il/	1970-01-19 10:30:35	Name: adoric_goals Value: %5B%225abcadca6b8ada94004d4785%22%5D
www.expressfly.co.il/	1970-01-20 04:01:41	Name: _pk_id.3234.ae57 Value: 1269e8c359f785fe.1593029855.1.1593029855.1593029855.
www.expressfly.co.il/	1970-01-19 10:30:35	Name: adoric_user Value: 1
.expressfly.co.il/	1970-01-19 10:30:29	Name: _gat_gtm Value: 1
www.expressfly.co.il/	1969-12-31 23:59:59	Name: adoric_uniq_day_id Value: 5ef3b4de598e5a001749318b
.expressfly.co.il/	1970-01-19 12:40:05	Name: _fbp Value: fb.2.1593029854277.636644637
www.expressfly.co.il/	1970-01-19 19:14:39	Name: uid Value: 5ef3b4de010b7
.expressfly.co.il/	1970-01-20 04:01:41	Name: _ga Value: GA1.3.1987677745.1593029854
www.expressfly.co.il/	1970-01-19 11:12:18	Name: device_view Value: full
.expressfly.co.il/	1970-01-19 10:30:30	Name: _lorid Value: 220206-1593029854140-7c342467031ef3f6
www.expressfly.co.il/	1970-01-19 10:30:31	Name: _pk_ses.3234.ae57 Value: *
.www.expressfly.co.il/	1970-01-19 10:31:56	Name: session_prod_expressfly_co_il Value: 5sb6k8hk5h59ltts1pk256l5a3
.expressfly.co.il/	1970-01-19 10:31:56	Name: _gid Value: GA1.3.1286569624.1593029854
.expressfly.co.il/	1970-01-19 12:40:05	Name: _gcl_au Value: 1.1.371751792.1593029854

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2) Message: %c[IND]%c You are running %cChrome%c browser, version: %c83 color: DarkRed; background: LightYellow; font-weight: bold; color: DarkGreen; background: LightYellow; color: Coral; background: LightYellow; font-weight: bold; color: DarkGreen; background: LightYellow; color: Coral; background: LightYellow; font-weight: bold;
console-api	log	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2) Message: %c[IND]%c version: %c1.0.2%c; $IND version: %c2.2.4 color: DarkRed; background: LightYellow; font-weight: bold; color: DarkGreen; background: LightYellow; color: Coral; background: LightYellow; font-weight: bold; color: DarkGreen; background: LightYellow; color: Coral; background: LightYellow; font-weight: bold;
console-api	debug	URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js(Line 2) Message: [bugsnag] Loaded!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

62084356.adoric-om.com
ajax.googleapis.com
app.adoric-om.com
bid.g.doubleclick.net
cdn.mouseflow.com
cdnjs.cloudflare.com
connect.facebook.net
d10lpsik1i8c69.cloudfront.net
d16tr0byigrcd.cloudfront.net
d22mqwd3ypwcpb.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
dyzyahse2i42m.cloudfront.net
googleads.g.doubleclick.net
js.nagich.co.il
raac33.net
s3.amazonaws.com
s3.eu-central-1.amazonaws.com
sessions.bugsnag.com
settings.luckyorange.net
smartair-image.travelyo-cdn.site
static.adoric.com
stats.g.doubleclick.net
www.expressfly.co.il
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.travelyo-local.com
www.travelyo-local.com
104.26.11.16
13.226.154.38
13.226.156.38
143.204.101.121
143.204.94.117
216.58.212.130
23.111.9.38
2600:1901:0:7a0b::
2600:9000:20eb:9800:12:57c7:c780:93a1
2600:9000:2182:4600:1d:49ee:1b40:93a1
2600:9000:2182:8200:15:d3fe:53c0:93a1
2606:4700:20::681a:214
2606:4700::6810:84e5
2a00:1450:4001:801::2002
2a00:1450:4001:802::2008
2a00:1450:4001:802::200e
2a00:1450:4001:809::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81c::2003
2a00:1450:4001:825::200a
2a00:1450:400c:c04::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.198.66.178
35.157.62.102
52.217.39.110
52.219.72.72
52.44.102.22
74.125.206.155
010d81e907beaec1b9078a7d8f8384b94e1195fc4cac6cab0433ce27ed172773
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06fbfb0c3fa7fa070b415113c4fe3bb69a55b814bc3935208c9b624a502e7701
0a0551a52e2be30b1992da4142ffe9b3918525e1c5cac4c9340e1267fa5e84d4
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12690d668e4bd1f36aed0579305ab0288e49439792d5ea0b9030c9dce97693e4
12ea1aa1beb84ff4ba2dd9ed7614844ec5c02812dfc1fdd5c68f513befc3d24d
1457d2b2119fa338dd6a007349c69d07ab35d1ef98cf9c04a50c867a86724fa7
15c140c10c008dfd72d762465ef1bc6d6691af399c380217fd56d0e05c86a7fd
1ee0f0ea49f57fdeb7857f9fa204849a838e34b46187c8348bfbc00271b71835
272dd88b63d0e2b6163a8c4927bd3b235183025387c0c0f6554f503ae3ad6866
29bef4cd3a952c74276f9ee1218113436bad72a7b910eebeea767ef59a19fc8d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
367e6138a65234c66d9ac28dee8f8450d387b54c26d087c3b7e126afa79d7990
38fd1bfe0ec594b8a8e2f5f463c78398fb4c969f3f66d90ae3caea39deb68bf3
3f14ff0f57b27f1e0459c59a78e0a7fd1fad98f564db51661098075063ce9696
401f533697cfb484598d2da76b5f4708bbca985a1fab42dbcfaa0741374d3245
41b748d9b8699821b42cd77209b18546e968afa4d19ef72893976e9bafdb9743
42082180abf9ab29a6b9c7055ee0f56e6f32267a69d3fb3f4482c2aa756369fb
423d4226e128f8a63317999bcc48fd391e24c3cba1828c039d88b5e25afa3b95
442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119
473992dee2aa9acf4e9a2e47ff709e28dc81a15f840bed2126eec423c52ff1d8
48319b8fc3f8116efd14ba55509e26e8f3a8331bd3346c3c311d586a3a52a849
4b9c84a9fa900f04d59f2d20ff2f707c9b263cef6fc28f6b18bdef5da054e914
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
4f0851c05ce3383d4a5571622c078e14ebc6c23bbfe217cd06ea377220c34e50
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5e4297c949441da67f8dc65d7b79e3848f000de28df06504e4f35da8b485eddc
61edee0f11a8ecf58fcd14f1b5339be279b7c45f31603dd7e2411dcb4b2a2925
6270ca6532d17e3a996f0fecdec424d482e6b36e104a60a533c465b53434fa28
644733ed63d02291193cd419d5390d0bf1213cb510e0209936eed4abe61b4e73
6a267c8611069e58d55f84aac4a973f9a573c852f1af53679af0865c0fc518df
6e5af01309dc04d343834de16dc1f427f647f8cb3196c7f1ab9fb826fc26cf3e
6f5f56de5c3ab9abf5b7c473cbd3488024351a66bc1f5629aa344bfab599868d
73b1f239e8ccd5014651ddbbb607c18d5eba19f7a71219a0d552df7926cc2726
73d764e56e8727bfd3de86dbe1c52f5105b4d6d0c41dbf91565e719e7cd74aed
7b6f5b1b66d6d17e6d442d76efb0b486080a8228ad6b5071486ebccafa5eda00
7c085c7486d2e28dccf0a8cf5512ad8a4b4f458c8f4a1b2bc7638b26081b965f
7d8ec817f29aaee1a163f736b29df89635bbaa748e465ec55dba2f0eafb0258c
80fee9995fe9bac4db522886cf5f49f9fc3b0484fc39841b1cba2cc38514b3b5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83c9688107b373823973bcf48dd284bfbca6d5c23153b86bbd8512cec1404a3d
8602ba8d9aa2374e24b0252993ca496d5cb8cc4089007c29e3aa005d48be28c9
8c34bc7bc1985e63394c3c2afff88cdcfc06e501320432dd23eaff83ea6754eb
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
92b36b46ebc3925bcb7fac21f3b3b1e8c0a6b7e0e2af44ae8cbd67f3ecef2a14
9746bbc8be1eacd912bb90f2226b3f9141b15938f7b0281825c74999c0040c9b
a4ae13c4f1ed90f380272217c5f2612e51e3902467dc6e537bb3d1bc25b6aa0d
a56d3d026e8a0540b5f9c249040132ceddec21390650e9ac7dc2a4be6c0e477b
a6627c943836976a00d2a7d04cc098b66c84db4034b5f433ec5462c7a50fff61
acf31f46bf2c7e3628a51fcb55cdb7073a9ddce529425a8e7fe4c7215ac83177
ad2724f05fe24f435769cdd3bd3e0a85ef1b82f1beb4c051a7fa875b98887a45
afcd0a001bc5519b8ba24710d014dd7150d7838ceab0aa97f9342e959ab7b821
b02f6fed78a9fd2939fd2c1cf933425fefcf67cb60a4dee9dd6be805ad519d4c
b06a7cba9d53741631d1e1d5cc42c7fbfe3dbd97dfc7e3e96391b04b64f37e63
b531f5aa7c3e534676d2601364efb7fed756fb109123311bf1a8cba1cfe49673
b5957045d099ef5f210636d1c7c0edf51937746034d9c363bdb2e00a0ef73c1b
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8
bbd82d81a1f9c995726726118ef9db2ec6485b0858011301fb73fd710977f86c
bd391f52f36106dca28c43cd9867130d6d69e27841bbe74298a315d37b717e0f
c1533bc39e2dd8ede3893909d6f42760e0598d075951447afe88158e57b0961a
c41d8c2f93e9394b2fa0b4260cf5e5dd1e0d3bb84fdf64093a4aa22527d7c733
c9dde74836f2588b40e1fb6c53323d7cc00fe9157a5651a26c5c4f2678980324
d211f5626458eb85c9f3ec22921a9952644514432b69a2c6c89210eee03f03d0
d6dbbe261c9b65dd743d3523b761f1b9a514dfddb3c86aa64cbe81bd93383bd5
da0c1bc51d4ebfa2570f3e7546d9d3ccfb3f9d3c1199b1ca49869510aa79392a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efae8a06e2c2688ba0844bf43025c26e2b49b781674d6a7cd0d63c27493620b6
f1e12d95c04b8efa1b5be1f3ecb6eb81ae23b7213ba2064d31b134fde40026dc
f2dea0446240578c21fabfaebe5642762c3afa556d1cec965abb43555c26d40d
f80022ea56e2fa7af2d5a5bfbe54b585646d442135c4fe86f9f43a6c3b010034
f943eacfc483576eb7ca68a1fc5a4251614669e60ff2de262c16a2fd5ca9ce12
fb7e82e38f222cf3a530ed8ebe4ebafb65e7e14ca135cf9bd8eb33f843f3a86d
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
fd1b6e6facb6ad1746b148d5c02504c3991bec6ede85a27a8e95658fe1970b4d
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

www.expressfly.co.il Open in urlscan Pro 35.157.62.102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

97 %HTTPS

55 %IPv6

23 Domains

31 Subdomains

30 IPs

4 Countries

2013 kBTransfer

4144 kBSize

19 Cookies

10 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.expressfly.co.il Open in urlscan Pro
35.157.62.102 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

97 %
HTTPS

55 %
IPv6

23
Domains

31
Subdomains

30
IPs

4
Countries

2013 kB
Transfer

4144 kB
Size

19
Cookies

86 HTTP transactions
0 data transactions