www.fm1.co.il Open in urlscan Pro
80.179.18.21 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.fm1.co.il/
Submission: On June 28 via manual (June 28th 2022, 9:05:22 am UTC) from IL — Scanned from DE

Summary HTTP 72 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 5 countries across 16 domains to perform 72 HTTP transactions. The main IP is 80.179.18.21, located in Gan Yavne, Israel and belongs to PARTNER-AS, IL. The main domain is www.fm1.co.il.

This is the only time www.fm1.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	80.179.18.21 80.179.18.21	12400 (PARTNER-AS) (PARTNER-AS)
12	2606:4700::68... 2606:4700::6812:e234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	78.47.197.57 78.47.197.57	24940 (HETZNER-AS) (HETZNER-AS)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:dc60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
72	19

22 80.179.18.21 (Gan Yavne, Israel)

ASN12400 (PARTNER-AS, IL)
PTR: 80.179.18.21.static.012.net.il

www.fm1.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fm1coil.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.47.197.57 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: mdblog.mdsrl.it

tailo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:dc60 (United States)

ASN13335 (CLOUDFLARENET, US)

fm1coil.os.tc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	fm1.co.il www.fm1.co.il	293 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	232 KB
12	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3211 onesignal.com — Cisco Umbrella Rank: 1162 fm1coil.onesignal.com	229 KB
7	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	26 KB
4	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 92	2 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	42 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5448 adservice.google.de — Cisco Umbrella Rank: 7751	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	23 B
2	google-analytics.com 1 redirects www.google-analytics.com — Cisco Umbrella Rank: 49	17 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	86 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	43 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	642 B
1	os.tc fm1coil.os.tc	800 B
1	tailo.com tailo.com
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 630	82 KB
72	16

	Domain	Requested by
22	www.fm1.co.il	www.fm1.co.il
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	www.fm1.co.il pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	cdn.onesignal.com	www.fm1.co.il cdn.onesignal.com fm1coil.os.tc fm1coil.onesignal.com
5	onesignal.com	cdn.onesignal.com
3	www.google.com	2 redirects tpc.googlesyndication.com
2	www.facebook.com	connect.facebook.net
2	www.google-analytics.com	1 redirects www.fm1.co.il
2	connect.facebook.net	www.fm1.co.il connect.facebook.net
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	fm1coil.onesignal.com	cdn.onesignal.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.google.de	www.fm1.co.il
1	stats.g.doubleclick.net	1 redirects
1	fm1coil.os.tc	cdn.onesignal.com
1	tailo.com	www.fm1.co.il
1	code.jquery.com	www.fm1.co.il
72	23

This site contains links to these domains. Also see Links.

Domain
www.acum.org.il

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-06` - `2022-07-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://www.fm1.co.il/
Frame ID: A9A3C872E981286DB697A2B28005EED0
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html
Frame ID: 65E85BC1050589EEFE771913EEF9144B
Requests: 1 HTTP requests in this frame

Frame: https://fm1coil.os.tc/webPushIframe
Frame ID: 16B76D924F8EFC1EE8A7DBE1C1505680
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3642046533900868&output=html&h=90&slotname=7982552697&adk=2126893257&adf=1985419241&pi=t.ma~as.7982552697&w=728&lmt=1656407118&psa=0&format=728x90&url=http%3A%2F%2Fwww.fm1.co.il%2F&wgl=1&dt=1656407117965&bpp=3&bdt=232&idt=124&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&correlator=1865593000093&frm=20&pv=2&ga_vid=936155532.1656407118&ga_sid=1656407118&ga_hid=52479946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066434%2C42531606%2C31064018&oid=2&pvsid=1759845789579246&tmod=1909911466&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=VaNUW1Vw77&p=http%3A//www.fm1.co.il&dtd=139
Frame ID: 20EE2446823DBF321008C729AA2150A7
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3642046533900868&output=html&adk=1812271804&adf=3025194257&lmt=1656407118&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.fm1.co.il%2F&ea=0&pra=7&wgl=1&dt=1656407117998&bpp=1&bdt=265&idt=114&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=1865593000093&frm=20&pv=1&ga_vid=936155532.1656407118&ga_sid=1656407118&ga_hid=52479946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066434%2C42531606%2C31064018&oid=2&pvsid=1759845789579246&tmod=1909911466&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=119
Frame ID: 5ED14662537A388B0957F459C224F450
Requests: 1 HTTP requests in this frame

Frame: https://fm1coil.onesignal.com/webPushIframe
Frame ID: 21AEDEDC8EA8081045520AC83C82FAF9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FDF433957F2BBAC29B77163AE0C76B13
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=113814722048122&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2af815c368a89c%26domain%3Dwww.fm1.co.il%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.fm1.co.il%252Ff21096abfc327b8%26relation%3Dparent.parent&container_width=0&font=&href=http%3A%2F%2Fwww.fm1.co.il%2F&layout=box_count&locale=de_DE&sdk=joey&send=false&show_faces=false
Frame ID: 17D3585387B62C55C9165319C9D6A194
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9C233688EB1FAF5DBF0D19933B6F37CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D8DBB29A6B73B9855FD65282AE553411
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

רדיו fm1 - תחנות רדיו בשידור חי באינטרנט

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

61 %
HTTPS

84 %
IPv6

16
Domains

23
Subdomains

19
IPs

5
Countries

1055 kB
Transfer

2812 kB
Size

8
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.acum.org.il/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

http://connect.facebook.net/en_US/all.js HTTP 307
https://connect.facebook.net/en_US/all.js

Request Chain 29

http://www.google-analytics.com/ga.js HTTP 307
https://www.google-analytics.com/ga.js

Request Chain 33

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1105325911&utmhn=www.fm1.co.il&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D7%A8%D7%93%D7%99%D7%95%20fm1%20-%20%D7%AA%D7%97%D7%A0%D7%95%D7%AA%20%D7%A8%D7%93%D7%99%D7%95%20%D7%91%D7%A9%D7%99%D7%93%D7%95%D7%A8%20%D7%97%D7%99%20%D7%91%D7%90%D7%99%D7%A0%D7%98%D7%A8%D7%A0%D7%98&utmhid=52479946&utmr=-&utmp=%2F&utmht=1656407118067&utmac=UA-41398856-1&utmcc=__utma%3D41083445.936155532.1656407118.1656407118.1656407118.1%3B%2B__utmz%3D41083445.1656407118.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1769063074&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1105325911&utmhn=www.fm1.co.il&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D7%A8%D7%93%D7%99%D7%95%20fm1%20-%20%D7%AA%D7%97%D7%A0%D7%95%D7%AA%20%D7%A8%D7%93%D7%99%D7%95%20%D7%91%D7%A9%D7%99%D7%93%D7%95%D7%A8%20%D7%97%D7%99%20%D7%91%D7%90%D7%99%D7%A0%D7%98%D7%A8%D7%A0%D7%98&utmhid=52479946&utmr=-&utmp=%2F&utmht=1656407118067&utmac=UA-41398856-1&utmcc=__utma%3D41083445.936155532.1656407118.1656407118.1656407118.1%3B%2B__utmz%3D41083445.1656407118.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1769063074&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41398856-1&cid=936155532.1656407118&jid=1769063074&_v=5.7.2&z=1105325911 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41398856-1&cid=936155532.1656407118&jid=1769063074&_v=5.7.2&z=1105325911 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41398856-1&cid=936155532.1656407118&jid=1769063074&_v=5.7.2&z=1105325911&slf_rd=1&random=2786459459

Request Chain 61

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

72 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
www.fm1.co.il/ 22 KB
6 KB 177ms
91ms Document
text/html 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 02b55eea694cb406207d04af2d76ae47f70909e3af324c087a75848576afa3ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5850
Content-Type: text/html
Date: Tue, 28 Jun 2022 09:05:17 GMT
Server: nginx
Vary: Accept-Encoding,User-Agent

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 51ms
16ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 722542861b58bb8b-FRA
date: Tue, 28 Jun 2022 09:05:17 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1170
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 01 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK style.css
www.fm1.co.il/css/ 7 KB
2 KB 109ms
109ms Stylesheet
text/css 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fm1.co.il/css/style.css
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 6555af20e90d9f3089cc3f64e28b976466ce46210fe4b90615c31aa437aa020a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Dec 2014 17:13:32 GMT
Server: nginx
ETag: W/"549af43c-1c97"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 29 Jun 2022 09:05:17 GMT

GET
H/1.1 200
OK jquery-latest.js Show response
code.jquery.com/ 276 KB
82 KB 15ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-latest.js
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
Server: nginx
ETag: W/"28feccc0-4508e"
Vary: Accept-Encoding
X-HW: 1656407117.dop136.fr8.t,1656407117.cds214.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 83875

GET
H/1.1 200
OK style.css
www.fm1.co.il/firstline/ 792 B
691 B 182ms
70ms Stylesheet
text/css 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fm1.co.il/firstline/style.css
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 63623d689dd6bffd5ca8240057be3afb24c86be0771bced5eea2541bcbe12060

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Jul 2014 12:11:23 GMT
Server: nginx
ETag: W/"53bbdfeb-318"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=86400
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 29 Jun 2022 09:05:17 GMT

GET
H/1.1 200
OK checktbhomepage.js Show response
www.fm1.co.il/js/ 518 B
622 B 203ms
91ms Script
application/javascript 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.fm1.co.il/js/checktbhomepage.js
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 6b9b3f1783ca81b660f35ee6ebf818099d2d9e6ea1522370235507a743b28a2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Feb 2021 16:17:16 GMT
Server: nginx
ETag: W/"6021640c-206"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 05 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK download.png
www.fm1.co.il/firstline/ 1 KB
2 KB 159ms
74ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/firstline/download.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 68daf32a0e2d0ca41dcb7c69d68b18f7ea8b64859598db6fa597abe3750c0b0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Last-Modified: Tue, 08 Jul 2014 12:11:23 GMT
Server: nginx
ETag: "53bbdfeb-555"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1365
Expires: Thu, 28 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK close.png
www.fm1.co.il/firstline/ 820 B
1 KB 161ms
76ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/firstline/close.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: a0c254205b11abf9cdc8272d94eafbee63fa35647fe7c909bb5436897ddb3831

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Last-Modified: Tue, 08 Jul 2014 12:11:23 GMT
Server: nginx
ETag: "53bbdfeb-334"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 820
Expires: Thu, 28 Jul 2022 09:05:17 GMT

GET
H2

200

all.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/all.js
https://connect.facebook.net/en_US/all.js

3 KB
2 KB

85ms
8ms

Script
application/x-javascript

2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.fm1.co.il
URL: http://www.fm1.co.il/

Protocol

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0f21843e26b5a8c500ee7e8574a1545e31e4352ec5e687399843c687f7678d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jhnF3Uj6P+c1/gs6ytzKdQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: Hf9sAvHf1t4q0aksJOg9xXlBxCPT6eqZlkJIMinI9dKh3G7KdsDIJTAK5AISkc3efo4H68a5XEHDcBBbBjkO8Q==
x-fb-trip-id: 917726464
x-fb-content-md5: 0f2e6778d8c78aa5704f7186d6b8fdc4
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 28 Jun 2022 09:05:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "efde9b767ff58c8cf65458ba44d7a393"
timing-allow-origin: *
expires: Tue, 28 Jun 2022 09:15:57 GMT

Redirect headers

Location: https://connect.facebook.net/en_US/all.js#appId=113814722048122&xfbml=1
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK logo.jpg
www.fm1.co.il/images/ 8 KB
8 KB 161ms
78ms Image
image/jpeg 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/logo.jpg
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 5cdda928756083c85bc02296b17c024245aeb8013896d0a3fdfd3a5471b12fe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Last-Modified: Tue, 08 Jul 2014 12:11:28 GMT
Server: nginx
ETag: "53bbdff0-1f08"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7944
Expires: Thu, 28 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK glgltz.png
www.fm1.co.il/images/stations/ 36 KB
36 KB 82ms
81ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/glgltz.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: eb2ea477b6cf4bc6e0a044b4c61e8fe07177823993dda48b93d5ba6646d68778

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Last-Modified: Thu, 18 Dec 2014 12:17:39 GMT
Server: nginx
ETag: "5492c5e3-8e7e"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36478
Expires: Thu, 28 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK glz.png
www.fm1.co.il/images/stations/ 22 KB
22 KB 74ms
74ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/glz.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 40fc1c29f0fb4875ce0486658bf7164dfad898ad2e67cae844049fd028144ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Last-Modified: Thu, 18 Dec 2014 12:17:40 GMT
Server: nginx
ETag: "5492c5e4-5834"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22580
Expires: Thu, 28 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK kan-bet.png
www.fm1.co.il/images/stations/ 12 KB
13 KB 73ms
73ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/kan-bet.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 20ce127ff3263f9fdf048d5b92a79c0af49c1da0664371e1672dc14217e38507

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Last-Modified: Thu, 18 May 2017 06:15:03 GMT
Server: nginx
ETag: "591d3be7-312d"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12589
Expires: Thu, 28 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK kan-gimmel.png
www.fm1.co.il/images/stations/ 10 KB
11 KB 76ms
76ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/kan-gimmel.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: db6bb7592ef5cec11f03e3fdcb1c2cf0a9c231afa52c20a92ff454908374c430

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Last-Modified: Thu, 18 May 2017 06:15:02 GMT
Server: nginx
ETag: "591d3be6-28f3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10483
Expires: Thu, 28 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK kan-88.png
www.fm1.co.il/images/stations/ 39 KB
40 KB 76ms
76ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/kan-88.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: d363a3495986b0801e1843c3b70738395e7dd3b56e9ead94d629eba0c1ba8e15

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Last-Modified: Thu, 18 May 2017 06:15:02 GMT
Server: nginx
ETag: "591d3be6-9db3"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40371
Expires: Thu, 28 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK galey-israel.png
www.fm1.co.il/images/stations/ 26 KB
26 KB 87ms
87ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/galey-israel.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: bd765d42a061013f0b703ab5e7dfe65e1ed300d7d8ab8b70b89f196208ac55af

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:17 GMT
Last-Modified: Tue, 09 Mar 2021 09:07:33 GMT
Server: nginx
ETag: "60473ad5-67e7"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26599
Expires: Thu, 28 Jul 2022 09:05:17 GMT

GET
H/1.1 200
OK eco99fm.png
www.fm1.co.il/images/stations/ 9 KB
10 KB 178ms
68ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/eco99fm.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 2813b4f24b9898e0d1b6c67b18c5e37af5c0912da5d82dbae4d676cead0ede3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:18 GMT
Last-Modified: Sun, 08 Jul 2018 12:53:48 GMT
Server: nginx
ETag: "5b42095c-2593"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9619
Expires: Thu, 28 Jul 2022 09:05:18 GMT

GET
H/1.1 200
OK 100fm.png
www.fm1.co.il/images/stations/ 24 KB
24 KB 191ms
73ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/100fm.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 4b7345efa0fc43f99a89bd479a44b99377967c7bd73a1fe67b1f0b3e5cc25d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:18 GMT
Last-Modified: Thu, 18 Dec 2014 12:17:41 GMT
Server: nginx
ETag: "5492c5e5-5f37"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24375
Expires: Thu, 28 Jul 2022 09:05:18 GMT

GET
H/1.1 200
OK 102fm.png
www.fm1.co.il/images/stations/ 19 KB
19 KB 140ms
81ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/102fm.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 2a0454920ce395eb20659cd95559d547f39bbf84136d1324d9abd54ae22c3e66

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:18 GMT
Last-Modified: Thu, 21 Jan 2016 15:50:12 GMT
Server: nginx
ETag: "56a0fe34-4bbb"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19387
Expires: Thu, 28 Jul 2022 09:05:18 GMT

GET
H/1.1 200
OK 103fm.png
www.fm1.co.il/images/stations/ 31 KB
31 KB 202ms
75ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/stations/103fm.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 50ca25581e8857002dfa7743727b6fa883a5c35938275ce85331a4a2e1532f64

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:18 GMT
Last-Modified: Thu, 18 Dec 2014 12:17:41 GMT
Server: nginx
ETag: "5492c5e5-7a31"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31281
Expires: Thu, 28 Jul 2022 09:05:18 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 79ms
61ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.fm1.co.il
URL: http://www.fm1.co.il/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c40a413823da643cfe2c0d34364b71b8464db42d3ef575aca88dae1ff89a33a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 28 Jun 2022 09:05:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2311962852819133863
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 56390
X-XSS-Protection: 0
Expires: Tue, 28 Jun 2022 09:05:17 GMT

GET
H/1.1 200
OK acum.png
www.fm1.co.il/images/ 4 KB
4 KB 76ms
75ms Image
image/png 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/acum.png
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: cf45cb87de1719aed344d3d114f8da6379fa444fa7e028bc0f56b2412541ecc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:18 GMT
Last-Modified: Tue, 08 Jul 2014 12:11:25 GMT
Server: nginx
ETag: "53bbdfed-f09"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3849
Expires: Thu, 28 Jul 2022 09:05:18 GMT

GET
H/1.1 404
Not Found 7
tailo.com/smrtpx/ 0
0 92ms
12ms Script
text/html 78.47.197.57
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://tailo.com/smrtpx/7
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 78.47.197.57 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: mdblog.mdsrl.it
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 20ms
20ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 722542869c1fbb8b-FRA
date: Tue, 28 Jun 2022 09:05:17 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1720
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 01 Jul 2022 09:05:17 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/c0c11443-6a8e-47a1-b125-9eca514cfda6/ 3 KB
2 KB 26ms
17ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/c0c11443-6a8e-47a1-b125-9eca514cfda6/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fe611247dff2908308668936fd28c7470cbdbecd1411834ab63fd69444b091b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:05:17 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 135
cf-polished: origSize=3042
status: 200 OK
x-envoy-upstream-service-time: 26
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: a032d886-b881-4480-8749-7de86d03c985
x-runtime: 0.024766
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"010c9fdc07ef63d40d11eebc019f26e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 72254286ecbabb8b-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 28 Jun 2022 10:05:17 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 296 KB
84 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=9ba908c04612b1586b6fd4f356644e30

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b3498afa00dd800ce25101d9f57a4f0dd13d3152efae614094f71e7469f42d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://www.fm1.co.il/
Origin: http://www.fm1.co.il
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: gZ53o4G+XNzLgKR9h8S1HA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 85849
x-fb-rlafr: 0
x-fb-debug: iqheG8FTHndwcDOTIlcLSNIwFhDYgH24tc3XTHUz7EGN8DpTrHXAdQS9e57D54Zt4CdRTOGxxUGQx8htmXwUZA==
x-fb-content-md5: 19a22650ada4663f4f297f1b1f053f44
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 28 Jun 2022 09:05:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3b4809acde363d82fb4c8abd314dc1b3"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Jun 2023 07:24:44 GMT

GET
H/1.1 200
OK Header_bg.jpg
www.fm1.co.il/images/ 13 KB
13 KB 118ms
73ms Image
image/jpeg 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/Header_bg.jpg
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/css/style.css
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 622a6409f1acf77144b731f087165bfd5d77ea6602ebe441a9e34e44e5f4f2b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:18 GMT
Last-Modified: Tue, 08 Jul 2014 12:11:28 GMT
Server: nginx
ETag: "53bbdff0-3275"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12917
Expires: Thu, 28 Jul 2022 09:05:18 GMT

GET
H/1.1 200
OK blue_arrow.jpg
www.fm1.co.il/images/ 462 B
766 B 127ms
76ms Image
image/jpeg 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/blue_arrow.jpg
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/css/style.css
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 3e933ebe1521fdf5275717cae27ad216df687e0ea804ad37407fa30819e226e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:18 GMT
Last-Modified: Tue, 08 Jul 2014 12:11:25 GMT
Server: nginx
ETag: "53bbdfed-1ce"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 462
Expires: Thu, 28 Jul 2022 09:05:18 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ 339 KB
120 KB 78ms
43ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3642046533900868&plah=www.fm1.co.il

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b8a889b1fbcad40e08f8f77c9e8d4d98c6962105d973e99afeb2cfda916b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122440
x-xss-protection: 0
server: cafe
etag: 1665381133887239711
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 09:05:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/ Frame 65E8 10 KB
5 KB 49ms
13ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fm1.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Jun 2022 22:44:05 GMT
etag: 10429905676100781186
expires: Mon, 11 Jul 2022 22:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

ga.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/ga.js
https://www.google-analytics.com/ga.js

45 KB
17 KB

50ms
14ms

Script
text/javascript

2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: www.fm1.co.il
URL: http://www.fm1.co.il/

Protocol

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 2432
date: Tue, 28 Jun 2022 08:24:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 28 Jun 2022 10:24:46 GMT

Redirect headers

Location: https://www.google-analytics.com/ga.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 webPushIframe Show response
fm1coil.os.tc/ Frame 16B7 489 B
800 B 347ms
15ms Document
text/html 2606:4700::6810:dc60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fm1coil.os.tc/webPushIframe

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:dc60 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fae22233dbba744c8e59fab3970a749e2f653ae5b824539964d278b4cee9791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.fm1.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 685
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7225428989289951-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 28 Jun 2022 09:05:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 28 Jun 2022 10:05:18 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
status: 200 OK
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 15
x-permitted-cross-domain-policies: none
x-request-id: 157d74ea-a996-4a52-98e8-ef4414461be5
x-runtime: 0.013945
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK footer_logo.jpg
www.fm1.co.il/images/ 2 KB
3 KB 153ms
152ms Image
image/jpeg 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/footer_logo.jpg
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/css/style.css
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 6ab83f66afa36f5bcb2d761e280f0015c6b9dbc4665fb7a3e92a986c3e60def7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:18 GMT
Last-Modified: Tue, 08 Jul 2014 12:11:27 GMT
Server: nginx
ETag: "53bbdfef-9bd"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2493
Expires: Thu, 28 Jul 2022 09:05:18 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 51ms
36ms Fetch
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=113814722048122&input_token&origin=1&redirect_uri=http%3A%2F%2Fwww.fm1.co.il%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9ba908c04612b1586b6fd4f356644e30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 5aKQbPbsuSG0MR72l4xXPJ9J8KQKLN6h3l60jm5OdB9/4WbkSs9woDaGGloOjgd+V7vz+cMyv3jXZBN9S9wPQA==
fb-s: unknown
cache-control: private, no-cache, no-store, must-revalidate
date: Tue, 28 Jun 2022 09:05:18 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://www.fm1.co.il
access-control-expose-headers: fb-s
fb-error-description: "This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1105325911&utmhn=www.fm1.co.il&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D7%A8%...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1105325911&utmhn=www.fm1.co.il&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D7%A8...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-41398856-1&cid=936155532.1656407118&jid=1769063074&_v=5.7.2&z=1105325911
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41398856-1&cid=936155532.1656407118&jid=1769063074&_v=5.7.2&z=1105325911
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41398856-1&cid=936155532.1656407118&jid=1769063074&_v=5.7.2&z=1105325911&slf_rd=1&random=2786459459

42 B
501 B

77ms
40ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41398856-1&cid=936155532.1656407118&jid=1769063074&_v=5.7.2&z=1105325911&slf_rd=1&random=2786459459

Requested by

Host: www.fm1.co.il
URL: http://www.fm1.co.il/

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 09:05:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Jun 2022 09:05:18 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-41398856-1&cid=936155532.1656407118&jid=1769063074&_v=5.7.2&z=1105325911&slf_rd=1&random=2786459459
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 213 B
642 B 147ms
102ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.fm1.co.il&callback=_gfp_s_&client=ca-pub-3642046533900868

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3642046533900868&plah=www.fm1.co.il

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

35a171c96e66930360208bc7f05618197e0a554ac108c0917db04eb10e27e677

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 197
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 147ms
101ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fm1.co.il

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 09:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 147ms
102ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fm1.co.il

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 09:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 20EE 73 KB
21 KB 1023ms
994ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3642046533900868&output=html&h=90&slotname=7982552697&adk=2126893257&adf=1985419241&pi=t.ma~as.7982552697&w=728&lmt=1656407118&psa=0&format=728x90&url=http%3A%2F%2Fwww.fm1.co.il%2F&wgl=1&dt=1656407117965&bpp=3&bdt=232&idt=124&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&correlator=1865593000093&frm=20&pv=2&ga_vid=936155532.1656407118&ga_sid=1656407118&ga_hid=52479946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066434%2C42531606%2C31064018&oid=2&pvsid=1759845789579246&tmod=1909911466&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=VaNUW1Vw77&p=http%3A//www.fm1.co.il&dtd=139

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb9dc27aef1a012685532768af9a56e25f3762ad327e1130ef0f5c021fd814aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fm1.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 21238
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 09:05:19 GMT
expires: Tue, 28 Jun 2022 09:05:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5ED1 0
19 B 40ms
23ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3642046533900868&output=html&adk=1812271804&adf=3025194257&lmt=1656407118&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.fm1.co.il%2F&ea=0&pra=7&wgl=1&dt=1656407117998&bpp=1&bdt=265&idt=114&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=1865593000093&frm=20&pv=1&ga_vid=936155532.1656407118&ga_sid=1656407118&ga_hid=52479946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066434%2C42531606%2C31064018&oid=2&pvsid=1759845789579246&tmod=1909911466&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=119

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fm1.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 09:05:18 GMT
expires: Tue, 28 Jun 2022 09:05:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame 16B7 9 KB
3 KB 19ms
18ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: fm1coil.os.tc
URL: https://fm1coil.os.tc/webPushIframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm1coil.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72254289b9ae9223-FRA
date: Tue, 28 Jun 2022 09:05:18 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1173
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 01 Jul 2022 09:05:18 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ Frame 16B7 283 KB
68 KB 23ms
22ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm1coil.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 72254289d9cb9223-FRA
date: Tue, 28 Jun 2022 09:05:18 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1171
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 01 Jul 2022 09:05:18 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/c0c11443-6a8e-47a1-b125-9eca514cfda6/ Frame 16B7 3 KB
2 KB 26ms
26ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/c0c11443-6a8e-47a1-b125-9eca514cfda6/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f1f23f90c19de06b4539422fd8e1100f6e6f6e141e6498385cd5c62a7e97f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm1coil.os.tc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:05:18 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 3357
cf-polished: origSize=3042
status: 200 OK
x-envoy-upstream-service-time: 27
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b4df6e2d-4af6-470a-94a9-f916132d97cd
x-runtime: 0.025968
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"676c1dcc7c19ff2458781e2114453443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 7225428a1a199223-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 28 Jun 2022 10:05:18 GMT

GET
H2 200 webPushIframe Show response
fm1coil.onesignal.com/ Frame 21AE 460 B
429 B 37ms
27ms Document
text/html 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fm1coil.onesignal.com/webPushIframe

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98357db066e5e48c1d040ccde7c8dbbc42481eec0d70f06b519dbaeb12864598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.fm1.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1115
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7225428a6ae0bb8b-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 28 Jun 2022 09:05:18 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Tue, 28 Jun 2022 10:05:18 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
status: 200 OK
vary: Accept-Encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-envoy-upstream-service-time: 10
x-permitted-cross-domain-policies: none
x-request-id: 0cc88a58-19c2-4399-b423-b4139efac62e
x-runtime: 0.009116
x-xss-protection: 1; mode=block

GET
H3 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ Frame 21AE 9 KB
3 KB 18ms
18ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: fm1coil.onesignal.com
URL: https://fm1coil.onesignal.com/webPushIframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm1coil.onesignal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 7225428aaad09223-FRA
date: Tue, 28 Jun 2022 09:05:18 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1173
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 01 Jul 2022 09:05:18 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ Frame 21AE 283 KB
68 KB 26ms
25ms Script
application/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm1coil.onesignal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 7225428acafe9223-FRA
date: Tue, 28 Jun 2022 09:05:18 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1171
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 01 Jul 2022 09:05:18 GMT

GET
H3 200 web Show response
onesignal.com/api/v1/sync/c0c11443-6a8e-47a1-b125-9eca514cfda6/ Frame 21AE 3 KB
2 KB 20ms
20ms Script
text/javascript 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/c0c11443-6a8e-47a1-b125-9eca514cfda6/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f1f23f90c19de06b4539422fd8e1100f6e6f6e141e6498385cd5c62a7e97f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fm1coil.onesignal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:05:18 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
x-permitted-cross-domain-policies: none
age: 3357
cf-polished: origSize=3042
status: 200 OK
x-envoy-upstream-service-time: 27
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: b4df6e2d-4af6-470a-94a9-f916132d97cd
x-runtime: 0.025968
referrer-policy: strict-origin-when-cross-origin
cf-bgj: minify
server: cloudflare
etag: W/"676c1dcc7c19ff2458781e2114453443"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=3600
cf-ray: 7225428b0b569223-FRA
access-control-allow-headers: SDK-Version
expires: Tue, 28 Jun 2022 10:05:18 GMT

GET
H3 200 OneSignalSDKStyles.css
onesignal.com/sdks/ 82 KB
9 KB 21ms
21ms Stylesheet
text/css 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 7225428b9c259223-FRA
date: Tue, 28 Jun 2022 09:05:18 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 1162
etag: W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=2592000
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 28 Jul 2022 09:05:18 GMT

GET
H3 200 icon Show response
onesignal.com/api/v1/apps/c0c11443-6a8e-47a1-b125-9eca514cfda6/ 128 B
617 B 423ms
40ms Fetch
application/json 2606:4700::6812:e234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/apps/c0c11443-6a8e-47a1-b125-9eca514cfda6/icon

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1b72c4078b5a5f45b2f74fd4cd9540cda18a535e83d2f9170a228b81b6ba72b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:05:19 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 17
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 3e937f92-1926-4a4d-8a6a-8bebbae0816d
x-runtime: 0.015467
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c1b72c4078b5a5f45b2f74fd4cd9540c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 7225428e39216910-FRA
access-control-allow-headers: SDK-Version

GET
H/1.1 200
OK fm1-logo-192.jpg
www.fm1.co.il/images/ 21 KB
21 KB 80ms
80ms Image
image/jpeg 80.179.18.21
PARTNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.fm1.co.il/images/fm1-logo-192.jpg
Requested by: Host: www.fm1.co.il
URL: http://www.fm1.co.il/
Protocol: HTTP/1.1
Server: 80.179.18.21 Gan Yavne, Israel, ASN12400 (PARTNER-AS, IL),
Reverse DNS: 80.179.18.21.static.012.net.il
Software: nginx /
Resource Hash: 57c207ceb2166ea490aa72a5a1a7b99ebd8cbda8bf1dd7b12a6435db12823b68

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Tue, 28 Jun 2022 09:05:19 GMT
Last-Modified: Wed, 10 Aug 2016 08:39:40 GMT
Server: nginx
ETag: "57aae84c-527b"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21115
Expires: Thu, 28 Jul 2022 09:05:19 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 20EE 8 KB
1 KB 119ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3642046533900868&output=html&h=90&slotname=7982552697&adk=2126893257&adf=1985419241&pi=t.ma~as.7982552697&w=728&lmt=1656407118&psa=0&format=728x90&url=http%3A%2F%2Fwww.fm1.co.il%2F&wgl=1&dt=1656407117965&bpp=3&bdt=232&idt=124&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&correlator=1865593000093&frm=20&pv=2&ga_vid=936155532.1656407118&ga_sid=1656407118&ga_hid=52479946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066434%2C42531606%2C31064018&oid=2&pvsid=1759845789579246&tmod=1909911466&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=VaNUW1Vw77&p=http%3A//www.fm1.co.il&dtd=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 07:32:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Jun 2022 09:05:19 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Jun 2022 09:05:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 20EE 2 KB
982 B 110ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:01:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 09:01:37 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/ Frame 20EE 21 KB
9 KB 104ms
15ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 608
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 08:55:11 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 20EE 3 KB
1 KB 108ms
23ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2279
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 08:27:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ Frame 20EE 17 KB
7 KB 109ms
20ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 08:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Jul 2022 08:44:20 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20EE 138 KB
43 KB 122ms
33ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43256
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1656329918998510"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 09:05:19 GMT

GET
H2 200 21b2dfe42abab24529e209ac1efa07c6.js Show response
www.gstatic.com/mysidia/ Frame 20EE 31 KB
13 KB 98ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21b2dfe42abab24529e209ac1efa07c6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 00:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 462041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13060
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 00:04:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 00:44:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 20EE 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnbpbTsS6Yv7fCZD03gP4npeACPKkgatphZOz9MYP0fH3zd0LEAEgltyiA2CVyvmBlAegAbebzr4DyAEBqQJaod-kvL-xPqgDAaoEvwFP0OJWTQRVnxQ17_tlVgaXpeOzx1iXSVfTbiLqspOiPWk61rXEbgjppTXxUq-OUQmyC43G0a1qG8PPITbVBqKy5PovaHuzuVNvJzP0r33fAe8PXNLCiKx1IjVltZgAf2OeFq5XdBit6CQe0DSE4Pz74kprqMfXbQIdXztwu7-8do-TT77QMbUh-UW3HMdBanHz5u8aYprSbr3VkWkvCnFUU8SFiezxXytIABMrrLWbU3Ma3PlXxUkevryxzCtmg8AEzIDPi68DkgUECAQYAZIFBAgFGASAB7HksUGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD8xAbSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUB9AVAZgWAYAXAbIXHAoaCAASFHB1Yi0zNjQyMDQ2NTMzOTAwODY4GAA&sigh=dfwTfbuNW9U&uach_m=[UACH]&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3642046533900868&output=html&h=90&slotname=7982552697&adk=2126893257&adf=1985419241&pi=t.ma~as.7982552697&w=728&lmt=1656407118&psa=0&format=728x90&url=http%3A%2F%2Fwww.fm1.co.il%2F&wgl=1&dt=1656407117965&bpp=3&bdt=232&idt=124&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&correlator=1865593000093&frm=20&pv=2&ga_vid=936155532.1656407118&ga_sid=1656407118&ga_hid=52479946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066434%2C42531606%2C31064018&oid=2&pvsid=1759845789579246&tmod=1909911466&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=VaNUW1Vw77&p=http%3A//www.fm1.co.il&dtd=139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 28 Jun 2022 09:05:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Jun 2022 09:05:19 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1893591238195601137/ Frame 20EE 2 KB
2 KB 103ms
25ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1893591238195601137/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b686d08a9f6f5b58859e06dfd5dbc1afa2b388ddc6736c2a96441e5e6dfa4a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 27 Jun 2022 08:57:04 GMT
x-content-type-options: nosniff
age: 86895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2142
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 11:09:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 27 Jun 2023 08:57:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FDF4 143 B
163 B 15ms
14ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3642046533900868&output=html&h=90&slotname=7982552697&adk=2126893257&adf=1985419241&pi=t.ma~as.7982552697&w=728&lmt=1656407118&psa=0&format=728x90&url=http%3A%2F%2Fwww.fm1.co.il%2F&wgl=1&dt=1656407117965&bpp=3&bdt=232&idt=124&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&correlator=1865593000093&frm=20&pv=2&ga_vid=936155532.1656407118&ga_sid=1656407118&ga_hid=52479946&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=263&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C21066434%2C42531606%2C31064018&oid=2&pvsid=1759845789579246&tmod=1909911466&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=VaNUW1Vw77&p=http%3A//www.fm1.co.il&dtd=139
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Tue, 28 Jun 2022 08:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 20EE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc3d59e8c2b4cd9b6d2213d3137a5655428b257ecd1518bf80821ceb06090dc9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 20EE 28 KB
28 KB 60ms
13ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 519635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Jun 2023 08:44:44 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FDF4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

77ms
76ms

Document
text/html

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Jun 2022 09:05:19 GMT
expires: Tue, 28 Jun 2022 09:05:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Jun 2022 09:05:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame 17D3 0
23 B 46ms
35ms Document
text/html 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?action=like&app_id=113814722048122&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2af815c368a89c%26domain%3Dwww.fm1.co.il%26is_canvas%3Dfalse%26origin%3Dhttp%253A%252F%252Fwww.fm1.co.il%252Ff21096abfc327b8%26relation%3Dparent.parent&container_width=0&font=&href=http%3A%2F%2Fwww.fm1.co.il%2F&layout=box_count&locale=de_DE&sdk=joey&send=false&show_faces=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=9ba908c04612b1586b6fd4f356644e30

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fm1.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Jun 2022 09:05:19 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: thCyadynFjsTN4xvIJlrUK0ZS3VrnyizryeEHKplLSYh6hgjKjYpfuS2YKjlqKtijHjRNBfvrllmlBJjsiFw3g==
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 57ms
29ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f94687cde8b3dd453a0e928babaaf76c574b6cb64bcb946abe266bcdb3e29ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 28 Jun 2022 09:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10588
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
34ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Jun 2022 09:05:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9C23 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.fm1.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 07:42:46 GMT
expires: Wed, 28 Jun 2023 07:42:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D8DB 783 B
536 B 23ms
23ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

84ecdb5ec03522aab06d22fa47b556b651e5a644818ae5dd084cb5229789e2c7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-27HFyDKRLmwIedY3jkEwmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.fm1.co.il/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-27HFyDKRLmwIedY3jkEwmQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Jun 2022 09:05:19 GMT
expires: Tue, 28 Jun 2022 09:05:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js Show response
pagead2.googlesyndication.com/bg/ Frame 9C23 36 KB
14 KB 42ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9271965a8eda49ad2e1e8bdc7eb80ea846f0b7cd5b986b29f4ee38a8b88a3949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 19:27:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 481070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13854
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Jun 2023 19:27:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D8DB 0
0 97ms
77ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=1759845789579246&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9C23 0
9 B 13ms
12ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Bvo_SQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 28 Jun 2022 09:05:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
65ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220623&jk=1759845789579246&bg=!PzylPHjNAAa8IIBmnCA7ACkAdvg8WgsmANN1Ed3ir0LwJDsMTsf751WIcgLYS0S3BuqDoXCbKQR7sAIAAAClUgAAAANoAQeZApTcDt8x0OiQUVMWthmhpMDbd0rz2WDci4CJKOcBwqrqkzfr56c7otRtzlB-hKhyO_if3q1MKZ8mUN5Wk7C9YSRMfrHxYWU_-SV7MsiI-UiwvJLtEtDxKtY9QwPfVs63qXQFeCtq34UCDxX6RgqXDeKkFQ8yNSY4IgKMKeRlQJ6o3b9uvRKyi8v2EqZshv7PIRXnEVF5ltDca8Jp9J3dKc4a1haI5KTqqpbJpoc20NMpH2bs1jaE9p1bVtpPvKhGAjgoCFh0o7q5UqQwBeRfYzsnWwbRI35kfDklEYkT6KikzCBWcW_NUQVRV0l0kBLzWeUGjrp7d7YkP6K3gdbogt32UHt4WlONo8bZkTXrc4K9P9m71KPOjt1LdhwGcb6EJ9t7R0-0pAtuCz0RkcfzO4USf0BU9IsW_XGLn7FX9VeCtLfoHO9bD3MylQtZ5vjkhXSignTtGg_MM3Y-l6mRZUAnUqwZnQp0pm11YNRAi2wbhtIjip5LUAa2ElrYE-uOUF9p7aWLfERG_zoXEBeL2uNqAh4_ACl-COm4VbYxXah5pfrgEjd8QsAxnXygNiF9EcO0NUAlKcHhpygRPZV1CZi_gjIyMH7el-5E-qj-ehhNjUoxy6VRm4uu8F_SoT5VZQgJS1brgxPXxq4xbUlLVkPuh2to90Yrqb8B9UCg3OzmdlhK2w2qfZs7f03CvZ2Ib3Y6eRClhxwi5KmuYwRrYKDIB0yi9zTroPNzVibe1lX3LqCm-WW1Q_czCVFTAR11mUW6rRooVBRJhcA8py3IU72iSaY-jY5izdtFwF_NQNhM0nrAr-6_u1uNEEY7vqzLxxy8QuK7axeP_5ZI8rg3OymeM2UeaCzC0Sbe2GCoQJxJ8omrC6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.fm1.co.il/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20EE 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkg9TyOBFCNO9AC2_hxSXbw-vB6h3TjzJJ6d1PqkxshB1l2PHQaUIBXTVYHkiLjUhkYnXi75_FCDpm5vIHn2llHXrjUU6GVnznwnBKDgLWa0hsdfbKNWJRbcLIOCUd4CaTGIeRTg&sai=AMfl-YT_yvCCM8iyHeNIcW_efI2hQFJx9s61kFDmzPeldJlhzIoZbXtBd-zsh1LTbbF7K-xpJh6b2uajUa-D&sig=Cg0ArKJSzArB4d_iAWYFEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220627&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2126893257&rs=2&la=0&cr=0&vs=4&r=v&rst=1656407118105&rpt=1445&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Jun 2022 09:05:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fm1.co.il/	1970-01-20 21:37:59	Name: __utma Value: 41083445.936155532.1656407118.1656407118.1656407118.1
.fm1.co.il/	1969-12-31 23:59:59	Name: __utmc Value: 41083445
.fm1.co.il/	1970-01-20 08:29:35	Name: __utmz Value: 41083445.1656407118.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.fm1.co.il/	1970-01-20 04:06:47	Name: __utmt Value: 1
.fm1.co.il/	1970-01-20 04:06:48	Name: __utmb Value: 41083445.1.10.1656407118
.fm1.co.il/	1970-01-20 13:28:23	Name: __gads Value: ID=26b91b7291cd8700-2222cc72becd007e:T=1656407118:RT=1656407118:S=ALNI_Mb_bA-ddYXW_cEPtyXuhaBtQftTTQ
.doubleclick.net/	1970-01-20 13:28:23	Name: IDE Value: AHWqTUmS3uYVVYpQshPKxTprAV_xULfu6G0Uz_KjFuUanqIcahBifx8M2Jnrcgw9AVY
.doubleclick.net/	1970-01-20 04:06:50	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://tailo.com/smrtpx/7 Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.onesignal.com
code.jquery.com
connect.facebook.net
fm1coil.onesignal.com
fm1coil.os.tc
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
stats.g.doubleclick.net
tailo.com
tpc.googlesyndication.com
www.facebook.com
www.fm1.co.il
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
172.217.18.98
2001:4de0:ac18::1:a:3b
2606:4700::6810:dc60
2606:4700::6812:e234
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2001
2a00:1450:400c:c08::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
78.47.197.57
80.179.18.21
02b55eea694cb406207d04af2d76ae47f70909e3af324c087a75848576afa3ba
0f21843e26b5a8c500ee7e8574a1545e31e4352ec5e687399843c687f7678d94
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
20ce127ff3263f9fdf048d5b92a79c0af49c1da0664371e1672dc14217e38507
2813b4f24b9898e0d1b6c67b18c5e37af5c0912da5d82dbae4d676cead0ede3a
29a74bd48fa0b500b61194468e760e8acef2f465e782e0da3eb219850bcea8fb
2a0454920ce395eb20659cd95559d547f39bbf84136d1324d9abd54ae22c3e66
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
35a171c96e66930360208bc7f05618197e0a554ac108c0917db04eb10e27e677
37b8a889b1fbcad40e08f8f77c9e8d4d98c6962105d973e99afeb2cfda916b95
3e933ebe1521fdf5275717cae27ad216df687e0ea804ad37407fa30819e226e2
40fc1c29f0fb4875ce0486658bf7164dfad898ad2e67cae844049fd028144ce9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b7345efa0fc43f99a89bd479a44b99377967c7bd73a1fe67b1f0b3e5cc25d80
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4fe611247dff2908308668936fd28c7470cbdbecd1411834ab63fd69444b091b
50ca25581e8857002dfa7743727b6fa883a5c35938275ce85331a4a2e1532f64
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c207ceb2166ea490aa72a5a1a7b99ebd8cbda8bf1dd7b12a6435db12823b68
5cdda928756083c85bc02296b17c024245aeb8013896d0a3fdfd3a5471b12fe3
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5f94687cde8b3dd453a0e928babaaf76c574b6cb64bcb946abe266bcdb3e29ed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622a6409f1acf77144b731f087165bfd5d77ea6602ebe441a9e34e44e5f4f2b2
63623d689dd6bffd5ca8240057be3afb24c86be0771bced5eea2541bcbe12060
6555af20e90d9f3089cc3f64e28b976466ce46210fe4b90615c31aa437aa020a
68daf32a0e2d0ca41dcb7c69d68b18f7ea8b64859598db6fa597abe3750c0b0a
6ab83f66afa36f5bcb2d761e280f0015c6b9dbc4665fb7a3e92a986c3e60def7
6b9b3f1783ca81b660f35ee6ebf818099d2d9e6ea1522370235507a743b28a2e
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7b3498afa00dd800ce25101d9f57a4f0dd13d3152efae614094f71e7469f42d3
7fae22233dbba744c8e59fab3970a749e2f653ae5b824539964d278b4cee9791
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
84ecdb5ec03522aab06d22fa47b556b651e5a644818ae5dd084cb5229789e2c7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b686d08a9f6f5b58859e06dfd5dbc1afa2b388ddc6736c2a96441e5e6dfa4a6
9271965a8eda49ad2e1e8bdc7eb80ea846f0b7cd5b986b29f4ee38a8b88a3949
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98357db066e5e48c1d040ccde7c8dbbc42481eec0d70f06b519dbaeb12864598
9f1f23f90c19de06b4539422fd8e1100f6e6f6e141e6498385cd5c62a7e97f04
a0c254205b11abf9cdc8272d94eafbee63fa35647fe7c909bb5436897ddb3831
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
b97d2c98f8bac4ee72d075d577db22903f83ae9a2742b9caef94f0842b459348
bd765d42a061013f0b703ab5e7dfe65e1ed300d7d8ab8b70b89f196208ac55af
c1b72c4078b5a5f45b2f74fd4cd9540cda18a535e83d2f9170a228b81b6ba72b
c40a413823da643cfe2c0d34364b71b8464db42d3ef575aca88dae1ff89a33a3
cf45cb87de1719aed344d3d114f8da6379fa444fa7e028bc0f56b2412541ecc2
d363a3495986b0801e1843c3b70738395e7dd3b56e9ead94d629eba0c1ba8e15
db6bb7592ef5cec11f03e3fdcb1c2cf0a9c231afa52c20a92ff454908374c430
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dc3d59e8c2b4cd9b6d2213d3137a5655428b257ecd1518bf80821ceb06090dc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2ea477b6cf4bc6e0a044b4c61e8fe07177823993dda48b93d5ba6646d68778
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb9dc27aef1a012685532768af9a56e25f3762ad327e1130ef0f5c021fd814aa

www.fm1.co.il Open in urlscan Pro 80.179.18.21 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

61 %HTTPS

84 %IPv6

16 Domains

23 Subdomains

19 IPs

5 Countries

1055 kBTransfer

2812 kBSize

8 Cookies

1 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fm1.co.il Open in urlscan Pro
80.179.18.21 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

61 %
HTTPS

84 %
IPv6

16
Domains

23
Subdomains

19
IPs

5
Countries

1055 kB
Transfer

2812 kB
Size

8
Cookies

72 HTTP transactions
1 data transactions