urlscan.io logo urlscan.io
SecurityTrails logo

k4ml.in Open in urlscan Pro
172.67.220.163  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://s.oursoffersstatus.com/ga/click/2-47981303-5085-2563-5031-3124-c38a4f508e-69f00c3a47
Effective URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%...
Submission: On April 18 via api from IL — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 33 HTTP transactions. The main IP is 172.67.220.163, located in United States and belongs to CLOUDFLARENET, US. The main domain is k4ml.in.
TLS certificate: Issued by E1 on April 2nd 2024. Valid for: 3 months.
This is the only time k4ml.in was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Israel Post (Transporation) Generic Tracking (Transportation)

Domain & IP information

1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
s.oursoffersstatus.com
16    172.67.220.163 (United States)

ASN13335 (CLOUDFLARENET, US)
k4ml.in
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:12b7 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.by.wonderpush.com
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700:3035::6815:1464 (United States)

ASN13335 (CLOUDFLARENET, US)
natureviewer.in
2    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
2    104.18.18.183 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.by.wonderpush.com
1    2001:4860:4802:32::15 (None, )

ASN- ()
measurements-api.wonderpush.com
1    172.67.70.233 (None, )

ASN- ()
get.geojs.io
Apex Domain
Subdomains		 Transfer
16 k4ml.in
k4ml.in
190 KB
5 wonderpush.com
cdn.by.wonderpush.com — Cisco Umbrella Rank: 48567
measurements-api.wonderpush.com
95 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2941
302 B
2 gstatic.com
fonts.gstatic.com
14 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
3 KB
1 geojs.io
get.geojs.io
771 B
1 google.nl
www.google.nl — Cisco Umbrella Rank: 10513
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
248 B
1 natureviewer.in
natureviewer.in
460 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
98 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
5 KB
1 oursoffersstatus.com
s.oursoffersstatus.com
749 B
33 12
Domain Requested by
16 k4ml.in k4ml.in
4 cdn.by.wonderpush.com k4ml.in
cdn.by.wonderpush.com
2 region1.analytics.google.com www.googletagmanager.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com k4ml.in
1 get.geojs.io cdn.by.wonderpush.com
1 measurements-api.wonderpush.com cdn.by.wonderpush.com
1 www.google.nl k4ml.in
1 stats.g.doubleclick.net www.googletagmanager.com
1 natureviewer.in k4ml.in
1 www.googletagmanager.com k4ml.in
1 cdnjs.cloudflare.com k4ml.in
1 s.oursoffersstatus.com 1 redirects
33 13

This site contains links to these domains. Also see Links.

Domain
www.bhhz5trk.com
Subject Issuer Validity Valid
k4ml.in
E1		 2024-04-02 -
2024-07-01		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
wonderpush.com
GTS CA 1P5		 2024-03-29 -
2024-06-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
natureviewer.in
E1		 2024-04-13 -
2024-07-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google.nl
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
measurements-api.wonderpush.com
GTS CA 1D4		 2024-03-25 -
2024-06-23		 3 months crt.sh
geojs.io
E1		 2024-03-11 -
2024-06-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Frame ID: 2B56202C38D1C7249D47365B73B5285D
Requests: 33 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

דואר בארץ

Page URL History Show full URLs

  1. https://s.oursoffersstatus.com/ga/click/2-47981303-5085-2563-5031-3124-c38a4f508e-69f00c3a47 HTTP 302
    https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

100 %
HTTPS

71 %
IPv6

12
Domains

13
Subdomains

13
IPs

4
Countries

408 kB
Transfer

1184 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://s.oursoffersstatus.com/ga/click/2-47981303-5085-2563-5031-3124-c38a4f508e-69f00c3a47 HTTP 302
    https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
k4ml.in/IL-678T260324/
Redirect Chain
  • https://s.oursoffersstatus.com/ga/click/2-47981303-5085-2563-5031-3124-c38a4f508e-69f00c3a47
  • https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
15 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
2004770b682fddf7f386b379fb37d75a482a1c9e6f8b1bdc965200f60be2a976

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8763978f1bd40be0-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 18 Apr 2024 09:22:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gUTBygibGNIbitKf9VZ8YixLApL9tsL4qoReeNp2rN36q3z9YzGpLjxM1mYJwT7mRGzJe7rOEwEoc1sUiRfg7vYpln8A23iarbYqsuSFKguwauRpSqcCJM%2FC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8763978cbcdc672a-AMS
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 09:22:43 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLo1wLKwxig4jAvXlTz5MSiOUrHdO1vA7ykerjymV7VNwxapDkN%2BPBsBUe4K%2FVQohc4tW1CpC1EDP05RzrHPwWtDvyTuXebRDD6MDA5Y8bDKniFMin1%2BNCamR0Tft1RM1Zw7aK1I5Q1vpIpmznQT8L0HTTXF"}],"group":"cf-nel","max_age":604800}
server
cloudflare
status
302 Found
x-powered-by
Phusion Passenger 6.0.4
x-rack-cache
miss
x-request-id
c32b4c0c6ca3c59454b13e9c04ec0ea3
x-runtime
0.058774
x-ua-compatible
IE=Edge,chrome=1
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/font-awesome.min.css
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1165575
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4972
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-6b4a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pUEZdQowvyJDEnkDXqP80LZYdfx9SOYN1H4epGH1WXFS039ybvPvePR%2F67wmLRsxFpj1rpmf2ZtuzL0vxsklOpAaHCiq9H1dVr74ymhO%2BruDeFiqis7N7r%2BUHuced1F%2Bpq%2FWssbh"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
87639790ceee66af-AMS
expires
Tue, 08 Apr 2025 09:22:43 GMT
bootstrap.min.css
k4ml.in/IL-678T260324/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k4ml.in/IL-678T260324/css/bootstrap.min.css
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d975-615a6eac9d944"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JyYHiC8sk%2B8%2BIIbweoFmCbdJyPU1DnGqrrlS44w6A8Kj44RDo3Rm320ytYOuy5KM1DzLZV%2FuojQQ1%2FW9bVj41HwhuGtj2LqXg8oNE5DJRUZMWTMLF0FmdaCb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
876397909dbb0be0-AMS
alt-svc
h3=":443"; ma=86400
custom.css
k4ml.in/IL-678T260324/css/ 		47 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k4ml.in/IL-678T260324/css/custom.css
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9363a86fcb121b2b20bffeca656288ad60ba376ed66347e3c17e9b8fe5098ba5

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"bbf7-615a6eabebd9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eDzrGyqAAp1QQtohgpNTLdVfZGIDkXMeaMTi5Kvoay3%2BIzFVkwnfMRWbgCFZkWkY83SFXNBtqVIgk0mwaqQU2xb94aotObsd6rhsweMKh2MaMY70zaPbuLLo"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
876397909dbe0be0-AMS
alt-svc
h3=":443"; ma=86400
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4b6f1e89823eb3953d76d22b254f456ed58e053a34346c11ef013b1e6573fc4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
content-encoding
gzip
via
1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P2
age
987
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
872
last-modified
Tue, 10 Oct 2023 16:29:47 GMT
server
cloudflare
etag
"3bfe95c40b26f3ffec80bc846ed15b60ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
87639796d80a1c18-AMS
x-amz-cf-id
R5CICA1xscy5okosEJwgwPdsiDHmsuIFiFuTuRZBUfXFRFHiG-6ZkA==
js
www.googletagmanager.com/gtag/ 		292 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MB2WV0SZV7
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2d7ffda97ea24ed09730ac449ad7348584d8db4124c698c41b7f88887394b235
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
100048
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 18 Apr 2024 09:22:44 GMT
clicks
natureviewer.in/ 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://natureviewer.in/clicks?p=678P105C678&e=imicha@iai.co.il&s3=%C3%97?%C3%97%C2%A6%C3%97?%C3%97%C2%A7&s4=%C3%97?%C3%97?%C3%97?%C3%97?
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:1464 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rdp5Pd3aY%2BBUf5QQ15oIRsJ4udVrKVWAMsoFaIMWVMFNHynpCUX6coHVpuRH8Pmu11cCOU4XK2qbHz3z0mJIqVhktMz6nVJcGUhEGKm1H9phTMsa%2BY2kDZLSdN8c5e1WBIu0Zj8HzWqXSdjC4bY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
876397911f15670f-AMS
alt-svc
h3=":443"; ma=86400
2.jpg
k4ml.in/IL-678T260324/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/2.jpg
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bfcdbcf6bdef035fbd3202aed3f1493314365802dca559fed221e55ae80f942

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
cf-cache-status
MISS
last-modified
Tue, 09 Apr 2024 09:55:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6bd-615a6eb06ce45"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gSR62ds7Wfb%2BJZIF47wsUU28UvlWYhOFM%2B1%2BLq5KhmlfdFmT7iOrpRPrLoEYAEBQE3c24%2B8b00TNHxD4zI6JkPRTvHU%2BuNBsiheta2BrQUzAPK5NFEibxNRu"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
876397909dc20be0-AMS
alt-svc
h3=":443"; ma=86400
content-length
1725
1.jpg
k4ml.in/IL-678T260324/img/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/1.jpg
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1291ed9118c0b9fd9040b52e5dd60403ce649fac4295b219e38bfabd163a5bf7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"10b2-615a6eafc8589"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WxKdlFMXxo7v%2BiN5PHznm4gjPd3zHtPBqhXWlLekbR7Yivs4gTUsiz8GZCA9EI0TkYdRtxhC4aHoXYoVnlyjHeONUmXN2adqVQXtoEPX8JDcCW1MU6eDxa1"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8763979309ec0be0-AMS
alt-svc
h3=":443"; ma=86400
content-length
4274
dori-laptop.png
k4ml.in/IL-678T260324/img/ 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/dori-laptop.png
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed5a4c4a159cbfbc2b92ead6ccac13bcb03cc03525e8ba04d39cc24c56bf18ac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15629-615a6eb26777f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bzzYngwu3egQK1P3TzjqJgjF6AAqMrHLXH8nGp3BNO26WzMDIUgVgfNNns%2B%2BfBh2oVuMdCselSOfEXpsnm4Z0vxJAWtpCVbFNBa1LoHfA92GMSN8MtW2%2Fo7J"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
876397932a340be0-AMS
alt-svc
h3=":443"; ma=86400
content-length
87593
logo.png
k4ml.in/IL-678T260324/img/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/logo.png
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cff082fe3676f7e02428c7d1b72b5daf671c05eb60e4e53ddd10267080111f0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"153d-615a6ebf07cb4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtf02btsVpTp5qofg8MOKQvQ75FjQUB%2ByaAnXpxKHmxf0FC2yEzNBF5YgYce67wA4F2WrA3nyZ%2FWeCyLv9%2FC9EK2H7%2F1N1PuIVwpri6%2BAwiXLb9nqSdZdVkL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
876397943b880be0-AMS
alt-svc
h3=":443"; ma=86400
content-length
5437
loader.gif
k4ml.in/IL-678T260324/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/loader.gif
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c297929a72964c7cfe17e2dfd5d17c15c2c03243b6cec7f67a3929030fbf8c3d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"128e-615a6eb7bf1a8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jeGKgpcHKOdOMaApRUmd%2F8Nujm3soHpJmfkIXnxR7mJ99I1JDd4W34cmw9EXjZuF30bv2FD9H49fKnpp5a6P1hjCIda92VoMKJHsrrv%2BE8Csd5uhRH%2BdgHPe"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
876397943b8f0be0-AMS
alt-svc
h3=":443"; ma=86400
content-length
4750
icon-box.svg
k4ml.in/IL-678T260324/img/ 		1 KB
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/icon-box.svg
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f7ef6281d5e0db3f14298ca3707ee3a9f61d1ee85ac5fa5dade011eafb32e9

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"49e-615a6eb44b18c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQLQqOBQdKOm%2BLGuhrtXOjPMYik%2FuB4eprMtBNZaxIdsPG6iPJbKpj0DdooHz57OMgQK4d9or9fGjpL94plKFeWjqeR%2FG1y9RXdmMG%2Fttd1KT13dBdVfpfFn"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
876397943b900be0-AMS
alt-svc
h3=":443"; ma=86400
faces.png
k4ml.in/IL-678T260324/img/ 		446 B
888 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/faces.png
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
560143d8dc3a7798c529a19166554335bf8b5a9fafa490655eca4a0ebe22eded

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1be-615a6eb2fb69d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rsYDeJQDanC3DsFYN7PfUmMi1jlSQsOV6RC9VWk6nPQJR24X2WR8hZy33511NzWzLE75rnL1N2bnZe1YV1H2PGvGIWnIgFOal4XApWTPfUbYHne0CpYv%2BtX0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
876397943b940be0-AMS
alt-svc
h3=":443"; ma=86400
content-length
446
inst.png
k4ml.in/IL-678T260324/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/inst.png
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2d0ff975341bbc34a2cfe1c78d1147b74f64e82ee5cbcbe07f12cab9cc6da0d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:45 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4c6-615a6eb7c0148"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LVlU3vnSJR7qAR5vQAOf4VypFme2M5SacQlBbIPH751C0u8mbkDRHjMBLIiw7onaN3zfMck1U0Wo6fB4zXjOzO%2BZTvUOvsK1KRf7a%2BfycSKUGNNcRRQliaIl"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
876397943b950be0-AMS
alt-svc
h3=":443"; ma=86400
content-length
1222
gl.png
k4ml.in/IL-678T260324/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/gl.png
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f594875e65830469619d4124ced5e7d9a39c7ccb9db1bd2142759e78ac12ea8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:44 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b94-615a6eb45da6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RH56nUxEkwuoU3kRLRK8uLrJU0yJi%2B28QPSx68XYKFMSyUykSWOelz0Ibe7fRiNZiEkaRfvx%2BRYZTXoi2etG%2FezC2NzC313IX39Iwd4YXyL9e8sw3Y1VJ5ZI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
876397943b960be0-AMS
alt-svc
h3=":443"; ma=86400
content-length
2964
apl.png
k4ml.in/IL-678T260324/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k4ml.in/IL-678T260324/img/apl.png
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3419cad8127572fda8c073270946888cd2998acdc12b117fbc7c1d0f7c623d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:46 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"832-615a6eb1c906b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m2F3F49Nhi5XcDcVh%2Btw5hKMRJUB%2BQjRQ6jH2AWYBv7JARV%2B6GwvThFyKij00dvzjOklk8TFELxI8JZ9koPi5ZcuEXuJL65VGH7R2cp8nJld0OfS6UcxKuRK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
876397943b980be0-AMS
alt-svc
h3=":443"; ma=86400
content-length
2098
jquery.min.js
k4ml.in/IL-678T260324/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k4ml.in/IL-678T260324/js/jquery.min.js
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:46 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1538f-615a6ebf070fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r3Tz10R8qjqIBLi6xLhvpTn7%2BZLUGe2myCB5B%2FZRyX%2FgjLwZKuIcJZXs7KTJrOosNEuBroVY87P5uPj5eqG5LbdwJvNMeuHd6V73DcRlPSnvIXO3hkWuQraz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
876397943b8b0be0-AMS
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
k4ml.in/IL-678T260324/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k4ml.in/IL-678T260324/js/bootstrap.min.js
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:45 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 09 Apr 2024 09:55:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"90bb-615a6ebd1b220"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1Q%2BXTrxVdaanoVHbXsF9KWWzZ8IrFk3bLQt82PeWyUgIdEueXAb%2BdBTB20e8N0y3AiapynPrILj2i5GMuM8cpzzheOhzNENRZBB%2BJnaYg%2B%2B1amNZ8hOPSph"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
876397943b8e0be0-AMS
alt-svc
h3=":443"; ma=86400
css2
fonts.googleapis.com/ 		5 KB
607 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,300;0,400;1,100;1,200;1,300&display=swap
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a26ec861082423de8e050b062c0d26b2af00fd6ef6acc8d1bda414c27c89c8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 09:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 09:22:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 09:22:44 GMT
css
fonts.googleapis.com/ 		55 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 09:22:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 07:39:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 09:22:44 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,300;0,400;1,100;1,200;1,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://k4ml.in
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 07:42:03 GMT
x-content-type-options
nosniff
age
438041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 07:42:03 GMT
pxiEyp8kv8JHgFVrJJnecmNE.woff2
fonts.gstatic.com/s/poppins/v21/ 		5 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJnecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,200;0,300;0,400;1,100;1,200;1,300&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a526dac26fcc645d428764b07fd6ae2ad3399129b75c22c8e149278157291189
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://k4ml.in
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 23:10:53 GMT
x-content-type-options
nosniff
age
468711
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5552
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Apr 2025 23:10:53 GMT
collect
region1.analytics.google.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MB2WV0SZV7&gtm=45je44f0v9115169269za200&_p=1713432164509&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1071165565.1713432165&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1713432165&sct=1&seg=0&dl=https%3A%2F%2Fk4ml.in%2FIL-678T260324%2F%3Fu%3D105C678%26e%3Dimicha%2540iai.co.il%26s3%3D%25C3%2597%253F%25C3%2597%25C2%25A6%25C3%2597%253F%25C3%2597%25C2%25A7%26s4%3D%25C3%2597%253F%25C3%2597%253F%25C3%2597%253F%25C3%2597%253F&dt=%D7%93%D7%95%D7%90%D7%A8%20%D7%91%D7%90%D7%A8%D7%A5&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2090
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MB2WV0SZV7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 09:22:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k4ml.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-MB2WV0SZV7&cid=1071165565.1713432165&gtm=45je44f0v9115169269za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MB2WV0SZV7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 09:22:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k4ml.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-MB2WV0SZV7&cid=1071165565.1713432165&gtm=45je44f0v9115169269za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=1788742502
Requested by
Host: k4ml.in
URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 09:22:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
k4ml.in/ 		207 B
582 B 		Other
General
Check archive.org
Download Go to
Full URL
https://k4ml.in/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.220.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72ec27bd0d959a1e6713d96b4e55c5a9b92ac6d1b5b5a4a8d5d1211422fcee57

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:47 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3VxX6ROWKdGNC%2BnGv%2FtJtS9x%2BFkZi7vryUqgENIl81oGQmVgQpJ9%2F6hlNBLwc01rX9tW40Xr36Q%2FKpqUyRW9ndqde2VyskS5CXK1ayxiafqfBYKfjIBteSr"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
876397a35d960be0-AMS
alt-svc
h3=":443"; ma=86400
wonderpush.min.js
cdn.by.wonderpush.com/sdk/1.1.33.36/ 		375 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/sdk/1.1.33.36/wonderpush.min.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1/wonderpush-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:12b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ba77247588da7b85eb0d23e70fb7dfc650c5ac7da3acc7d2b8ea7feffadfbc2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:49 GMT
content-encoding
gzip
via
1.1 701ed6d11cb535ec9687bbfbe3b14bc0.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P2
age
3084009
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
92310
last-modified
Tue, 10 Oct 2023 16:27:00 GMT
server
cloudflare
etag
"34c4d826740620a0081d04f5feba9a20ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=31536000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
876397b47b9f1c18-AMS
x-amz-cf-id
G0pDUZiK0XqXYUSVG7qrUCaItsYJUNAXDBWYSzIrpGNPin_OT_Q-qg==
41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0
cdn.by.wonderpush.com/config/webkeys/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/config/webkeys/41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0?_=1713432169813
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.36/wonderpush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
439f44a085a6aeeeb6d738e826984a4b73422a1262ce400abf0251086972add7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:49 GMT
content-encoding
gzip
via
1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
FRA56-P9
age
2356
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
829
last-modified
Tue, 05 Sep 2023 08:35:20 GMT
server
cloudflare
etag
"178ec23aede09f7fe915cdf5553f76c3ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
876397b5fe9fb8df-AMS
x-amz-cf-id
kWUF8GVYFMJiISAdXUgx9p9DnldQx1NDfjNBZbt7B7ppM_teKtYTmw==
geojs.js
cdn.by.wonderpush.com/plugins/geojs/1.0.2/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.36/wonderpush.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.183 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:50 GMT
content-encoding
gzip
via
1.1 c24bf4c03d36f2d43fb38710581fa0e6.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
AMS1-P2
age
3083990
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
1055
last-modified
Mon, 22 Jun 2020 15:30:23 GMT
server
cloudflare
etag
"eade35070a4a96bcbeb77c55c1856e96ed6e"
access-control-max-age
86400
access-control-allow-methods
HEAD, GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000,stale-while-revalidate=2592000
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
876397b69a316645-AMS
x-amz-cf-id
Ew2DjkRBr8UML-asIX_-M1uQRcpicrpXCjIs_xwGY9Wa2ZcD980GSw==
events
measurements-api.wonderpush.com/v1/ 		94 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://measurements-api.wonderpush.com/v1/events
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/sdk/1.1.33.36/wonderpush.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::15 -, , ASN (),
Reverse DNS
Software
Google Frontend /
Resource Hash
cee6b40697dbffb2b29e0f98e07b3b42041dbc0d995d9cc5f57b8499e12e415e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://k4ml.in
x-cloud-trace-context
91ddd485cb094c5da58a82edf7b1b1f6
date
Thu, 18 Apr 2024 09:22:50 GMT
access-control-allow-credentials
true
server
Google Frontend
content-length
94
content-type
application/json
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-MB2WV0SZV7&gtm=45je44f0v9115169269za200&_p=1713432164509&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1071165565.1713432165&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1713432165&sct=1&seg=0&dl=https%3A%2F%2Fk4ml.in%2FIL-678T260324%2F%3Fu%3D105C678%26e%3Dimicha%2540iai.co.il%26s3%3D%25C3%2597%253F%25C3%2597%25C2%25A6%25C3%2597%253F%25C3%2597%25C2%25A7%26s4%3D%25C3%2597%253F%25C3%2597%253F%25C3%2597%253F%25C3%2597%253F&dt=%D7%93%D7%95%D7%90%D7%A8%20%D7%91%D7%90%D7%A8%D7%A5&en=scroll&epn.percent_scrolled=90&_et=4&tfd=7096
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MB2WV0SZV7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 09:22:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k4ml.in
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geo.json
get.geojs.io/v1/ip/ 		331 B
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://get.geojs.io/v1/ip/geo.json
Requested by
Host: cdn.by.wonderpush.com
URL: https://cdn.by.wonderpush.com/plugins/geojs/1.0.2/geojs.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.70.233 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2beaf166e996f38290f769b98d14c43dce8ccabf1a38f55e15c20856fa9888
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 09:22:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-request-id
6d35664d397dc9aa2dc9d28bec3e8750-AMS
x-geojs-location
AMS
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mR7Ffnp6h1ZFA9e1VawYFaZsjnAoDdAtlRYYvKLQZ7IRIFYwW5Bb3uyLke%2FrTzXbDjj3380DQzgICcRLJkf1eLz9phVyB9WmN7UNiwzQJ7w3Z0xikFrLCcegDGIb3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-ray
876397b98ee5b978-AMS

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Israel Post (Transporation) Generic Tracking (Transportation)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| partstep object| WonderPush function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal function| $ function| jQuery function| moveProgressBar object| webpackChunkwonderpush_javascript_sdk

2 Cookies

Domain/Path Name / Value
.k4ml.in/ Name: _ga
Value: GA1.1.1071165565.1713432165
.k4ml.in/ Name: _ga_MB2WV0SZV7
Value: GS1.1.1713432165.1.0.1713432165.60.0.0

3 Console Messages

Source Level URL
Text
security warning URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F
Message:
Mixed Content: The page at 'https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F' was loaded over HTTPS, but requested an insecure element 'http://natureviewer.in/clicks?p=678P105C678&e=imicha@iai.co.il&s3=%C3%97?%C3%97%C2%A6%C3%97?%C3%97%C2%A7&s4=%C3%97?%C3%97?%C3%97?%C3%97?'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F(Line 376)
Message:
Mixed Content: The page at 'https://k4ml.in/IL-678T260324/?u=105C678&e=imicha%40iai.co.il&s3=%C3%97%3F%C3%97%C2%A6%C3%97%3F%C3%97%C2%A7&s4=%C3%97%3F%C3%97%3F%C3%97%3F%C3%97%3F' was loaded over HTTPS, but requested an insecure element 'http://natureviewer.in/clicks?p=678P105C678&e=imicha@iai.co.il&s3=%C3%97?%C3%97%C2%A6%C3%97?%C3%97%C2%A7&s4=%C3%97?%C3%97?%C3%97?%C3%97?'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://k4ml.in/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.by.wonderpush.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
k4ml.in
measurements-api.wonderpush.com
natureviewer.in
region1.analytics.google.com
s.oursoffersstatus.com
stats.g.doubleclick.net
www.google.nl
www.googletagmanager.com
104.17.25.14
104.18.18.183
172.67.220.163
172.67.70.233
2001:4860:4802:32::15
2001:4860:4802:32::36
2606:4700:3035::6815:1464
2606:4700::6812:12b7
2a00:1450:4001:80b::200a
2a00:1450:4001:810::2008
2a00:1450:4001:813::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9a
2a06:98c1:3120::3
0a2beaf166e996f38290f769b98d14c43dce8ccabf1a38f55e15c20856fa9888
1291ed9118c0b9fd9040b52e5dd60403ce649fac4295b219e38bfabd163a5bf7
1ba77247588da7b85eb0d23e70fb7dfc650c5ac7da3acc7d2b8ea7feffadfbc2
2004770b682fddf7f386b379fb37d75a482a1c9e6f8b1bdc965200f60be2a976
2d7ffda97ea24ed09730ac449ad7348584d8db4124c698c41b7f88887394b235
2f594875e65830469619d4124ced5e7d9a39c7ccb9db1bd2142759e78ac12ea8
36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64
3b3419cad8127572fda8c073270946888cd2998acdc12b117fbc7c1d0f7c623d
439f44a085a6aeeeb6d738e826984a4b73422a1262ce400abf0251086972add7
560143d8dc3a7798c529a19166554335bf8b5a9fafa490655eca4a0ebe22eded
5a3d8c05785485d36ee5c94d4681e5b1d9e4b94c5be8b5bd7b0f3168fff1bd9a
62f7ef6281d5e0db3f14298ca3707ee3a9f61d1ee85ac5fa5dade011eafb32e9
72ec27bd0d959a1e6713d96b4e55c5a9b92ac6d1b5b5a4a8d5d1211422fcee57
7cff082fe3676f7e02428c7d1b72b5daf671c05eb60e4e53ddd10267080111f0
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8bfcdbcf6bdef035fbd3202aed3f1493314365802dca559fed221e55ae80f942
9363a86fcb121b2b20bffeca656288ad60ba376ed66347e3c17e9b8fe5098ba5
9a26ec861082423de8e050b062c0d26b2af00fd6ef6acc8d1bda414c27c89c8a
a2d0ff975341bbc34a2cfe1c78d1147b74f64e82ee5cbcbe07f12cab9cc6da0d
a526dac26fcc645d428764b07fd6ae2ad3399129b75c22c8e149278157291189
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515
c297929a72964c7cfe17e2dfd5d17c15c2c03243b6cec7f67a3929030fbf8c3d
cee6b40697dbffb2b29e0f98e07b3b42041dbc0d995d9cc5f57b8499e12e415e
d30b6114fb9496ae46b2a8cdf59379c8ffdb957534bd1dd73e626c7c61c7e67d
d4b6f1e89823eb3953d76d22b254f456ed58e053a34346c11ef013b1e6573fc4
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed5a4c4a159cbfbc2b92ead6ccac13bcb03cc03525e8ba04d39cc24c56bf18ac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629