urlscan.io logo urlscan.io
SecurityTrails logo

www.hasr.co.il Open in urlscan Pro
45.60.46.233  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hasr.co.il/rm/vCLsO
Effective URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Submission: On December 10 via manual from IL — Scanned from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 38 HTTP transactions. The main IP is 45.60.46.233, located in United States and belongs to INCAPSULA, US. The main domain is www.hasr.co.il.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 5th 2024. Valid for: a year.
This is the only time www.hasr.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 28 45.60.46.233 19551 (INCAPSULA)
1 142.250.186.40 15169 (GOOGLE)
2 142.250.186.106 15169 (GOOGLE)
2 104.18.186.31 13335 (CLOUDFLAR...)
1 104.21.27.152 13335 (CLOUDFLAR...)
1 18.66.102.53 16509 (AMAZON-02)
2 142.250.186.163 15169 (GOOGLE)
1 13.33.187.92 16509 (AMAZON-02)
1 3.161.82.8 16509 (AMAZON-02)
38 10
28    45.60.46.233 (United States)

ASN19551 (INCAPSULA, US)
hasr.co.il
www.hasr.co.il
1    142.250.186.40 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net
www.googletagmanager.com
2    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
fonts.googleapis.com
2    104.18.186.31 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    104.21.27.152 (None, )

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
1    18.66.102.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-53.fra56.r.cloudfront.net
static.hotjar.com
2    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
fonts.gstatic.com
1    13.33.187.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-92.fra60.r.cloudfront.net
script.hotjar.com
1    3.161.82.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-8.fra56.r.cloudfront.net
vc.hotjar.io
Apex Domain
Subdomains		 Transfer
28 hasr.co.il
hasr.co.il
www.hasr.co.il
1 MB
2 gstatic.com
fonts.gstatic.com
22 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 888
script.hotjar.com — Cisco Umbrella Rank: 1185
62 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
450 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 3181
232 B
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1331
10 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
103 KB
0 facebook.net Failed
connect.facebook.net Failed
38 9
Domain Requested by
27 www.hasr.co.il 1 redirects www.hasr.co.il
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.jsdelivr.net www.hasr.co.il
cdn.jsdelivr.net
2 fonts.googleapis.com www.hasr.co.il
1 vc.hotjar.io script.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.hasr.co.il
1 use.fontawesome.com www.hasr.co.il
1 www.googletagmanager.com www.hasr.co.il
1 hasr.co.il 1 redirects
0 connect.facebook.net Failed www.hasr.co.il
38 11

This site contains no links.

Subject Issuer Validity Valid
www.hasr.co.il
Sectigo RSA Domain Validation Secure Server CA		 2024-05-05 -
2025-05-05		 a year crt.sh
*.google-analytics.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.jsdelivr.net
Sectigo RSA Domain Validation Secure Server CA		 2024-05-04 -
2025-05-04		 a year crt.sh
use.fontawesome.com
WE1		 2024-11-07 -
2025-02-06		 3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03		 2024-05-22 -
2025-06-20		 a year crt.sh
*.gstatic.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2024-02-07 -
2025-03-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Frame ID: 88C4864905813A36B5CDDCD1EA0D5481
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

הסרה

Page URL History Show full URLs

  1. http://hasr.co.il/rm/vCLsO HTTP 307
    https://hasr.co.il/rm/vCLsO HTTP 301
    https://www.hasr.co.il/rm/vCLsO HTTP 302
    https://www.hasr.co.il/remove?hash=vCLsO&valid=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • vue[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

38
Requests

97 %
HTTPS

0 %
IPv6

9
Domains

11
Subdomains

10
IPs

2
Countries

2056 kB
Transfer

6272 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hasr.co.il/rm/vCLsO HTTP 307
    https://hasr.co.il/rm/vCLsO HTTP 301
    https://www.hasr.co.il/rm/vCLsO HTTP 302
    https://www.hasr.co.il/remove?hash=vCLsO&valid=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request remove
www.hasr.co.il/
Redirect Chain
  • http://hasr.co.il/rm/vCLsO
  • https://hasr.co.il/rm/vCLsO
  • https://www.hasr.co.il/rm/vCLsO
  • https://www.hasr.co.il/remove?hash=vCLsO&valid=1
4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
b33524f38f4c2f9dbae2c724ea23afe2db6586188f21969c5bd6f387d3cbc05a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Cache-Control
public, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Content-Type
text/html; charset=UTF-8
Date
Tue, 10 Dec 2024 15:15:09 GMT
ETag
W/"109a-1939563d4c0"
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
Permissions-Policy
interest-cohort=()
Referrer-Policy
origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
X-CDN
Imperva
X-Frame-Options
SAMEORIGIN
X-Iinfo
0-62664898-62664900 SNNN RT(1733843708733 297) q(0 0 0 -1) r(0 0) U24
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
104
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Content-Type
text/html; charset=utf-8
Date
Tue, 10 Dec 2024 15:15:09 GMT
Location
/remove?hash=vCLsO&valid=1
Permissions-Policy
interest-cohort=()
Referrer-Policy
origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Origin, Accept
X-CDN
Imperva
X-Frame-Options
SAMEORIGIN
X-Iinfo
0-62664898-62664900 NNNN CT(5 7 0) RT(1733843708733 76) q(0 0 0 0) r(0 1) U24
X-XSS-Protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		298 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-946SPQTWDB
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ee4daec85d6dadfba4866e9955d451031dbc0df7972aa7ef965729b2dd04bf12
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 10 Dec 2024 15:15:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 15:15:10 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104628
x-xss-protection
0
server
Google Tag Manager
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Material+Icons
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
b64471a80a6405aef70e8302a7a638fbaefb5939aec12b797428ec48c1eba975
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 15:15:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 15:15:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 10 Dec 2024 15:15:10 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 		339 KB
55 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

access-control-expose-headers
*
content-encoding
br
cf-cache-status
HIT
etag
W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
age
34709
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hp%2B51S%2BRJW9P9YHfMuOROfYWHeBnQ4Be3UFNCdI6plxktVpcv3oE9PaUpqZJ5iCPjDHEUbL3WRsyk2pVgMBXn1HNylAO06vsrMRMQGp5rDtQ5sOFbUJWl9fjs8TcdsfPZY8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
date
Tue, 10 Dec 2024 15:15:09 GMT
content-type
text/css; charset=utf-8
x-served-by
cache-fra-etou8220025-FRA, cache-lga21950-LGA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8efe3052bc4ac22c-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
55843
server
cloudflare
x-jsd-version
7.4.47
all.css
use.fontawesome.com/releases/v5.0.13/css/ 		40 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.27.152 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

cache-control
max-age=31556926
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
age
306679
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0sy%2Bs1%2FuO5ff13uWOdC4t3n%2F4Gyc9vefbTDKHfaQ%2F8aSvUd3Avtao9kTRwpT9u2ZrXThfFGZ0Y06Kg7koAHEq20crbVSOPPPEaFlX77NzKSdhAyXvq%2FpE6wmaKRyly2n7RbCsTed"}],"group":"cf-nel","max_age":604800}
cf-ray
8efe3054698fe902-LHR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=54977&min_rtt=54912&rtt_var=20639&sent=6&recv=8&lost=0&retrans=0&sent_bytes=4032&recv_bytes=2271&delivery_rate=70367&cwnd=252&unsent_bytes=0&cid=84fb0222bbabfbe8&ts=291&x=0"
date
Tue, 10 Dec 2024 15:15:10 GMT
content-type
text/css
last-modified
Fri, 22 Sep 2023 01:44:09 GMT
vary
Accept-Encoding
server
cloudflare
app.b9d0ee24.css
www.hasr.co.il/css/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/css/app.b9d0ee24.css
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
f2ca99aa88e2bc467e5b06145a357b60e477187dc4820a77feb605307fb75d96
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"c6ea-1939563d0d8"
Date
Tue, 10 Dec 2024 15:15:09 GMT
Content-Type
text/css; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:07 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
0-62664898-62664900 SNNN RT(1733843708733 618) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
vue.23c2f397.css
www.hasr.co.il/css/ 		445 KB
53 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/css/vue.23c2f397.css
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
6de5b42a76ee56522fd9f00a6b9d6ab4330fe43ec80677ebf030b316ad2a1b60
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"6f50c-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:09 GMT
Content-Type
text/css; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
0-62664898-62664900 SNNN RT(1733843708733 763) q(0 0 0 -1) r(1 1) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
app.6c9ab65d.js
www.hasr.co.il/js/ 		925 KB
219 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/app.6c9ab65d.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
d6af2189e30a342531dfa5c6f3a3faf2e838235257fb21065b09936e6f28a8a4
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"e7364-1939563d0d8"
Date
Tue, 10 Dec 2024 15:15:09 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:07 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969523-128969532 NNNY CT(5 8 0) RT(1733843709427 79) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~253ae210.0d0faa5c.js
www.hasr.co.il/js/ 		65 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~253ae210.0d0faa5c.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
9490962f22231fb9ef5d8430b1ed76b480066a5dbd0feedf67c7d3391eb0ea47
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"104ef-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:09 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969524-128969531 NNNY CT(8 11 0) RT(1733843709428 76) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~7d359b94.8ca0311d.js
www.hasr.co.il/js/ 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~7d359b94.8ca0311d.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
9a4a9908e25387693c1b3a0941b42adc905c504a3f6081c9ee9a0bd3d7881233
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"6213-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:09 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
2-75351610-75351613 NNNY CT(8 10 0) RT(1733843709434 70) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~8b33879e.c3949056.js
www.hasr.co.il/js/ 		433 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~8b33879e.c3949056.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
fd719b908847ae24ef99536f79e3da97fc852b930b62f7f4b0fe6b5375c92c20
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"6c2a1-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
14-159637278-159637287 NNNN CT(41 34 0) RT(1733843709437 172) q(0 0 0 -1) r(1 1) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~92c00e46.51086e94.js
www.hasr.co.il/js/ 		154 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~92c00e46.51086e94.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
5f7c9b18929667c76653e675b020d6e9ebbaf6a516d25dcc8c79231c28bae3c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"2660f-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:09 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969525-128969535 NNNY CT(5 7 0) RT(1733843709438 81) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~b1c93edb.57e2a70b.js
www.hasr.co.il/js/ 		527 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~b1c93edb.57e2a70b.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
5c803e52ee6903b89d21b7bb8c55dd2c3f8606a5a742752c2fb2ea160a1a107a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"83a38-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
2-75351610-75351613 SNNy RT(1733843709434 203) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~b916e1a4.d5849e9d.js
www.hasr.co.il/js/ 		414 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~b916e1a4.d5849e9d.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
188ad913ef8d729e6b7d52f2e4b72145fbd36e7f3815b1f838e469ea5927a5cd
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"679aa-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969524-128969531 SNNy RT(1733843709428 342) q(0 0 0 -1) r(0 1) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~db300d2f.9d29b8dc.js
www.hasr.co.il/js/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~db300d2f.9d29b8dc.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
a274e3b321e44dad47cc16aa4486a98bc32b8f5de5825d72732a242239f06c00
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"11da4-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
0-62664898-62664900 SNNN RT(1733843708733 1091) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~e806364e.d810b5ae.js
www.hasr.co.il/js/ 		74 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~e806364e.d810b5ae.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
c1a0d77342d3ae8aac537da42cd8faf4befa3d01fa98d74f6b017fe7a294154d
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"129ef-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969525-128969535 SNNy RT(1733843709438 388) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~ec8c427e.520d6136.js
www.hasr.co.il/js/ 		119 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~ec8c427e.520d6136.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
aadbccbc267879319528b41d241e448c952fca41bf4a413523eef1e94fafeda6
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"1daf1-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
0-62664898-62664900 SNNN RT(1733843708733 1323) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~f6c5c229.0f517065.js
www.hasr.co.il/js/ 		740 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~f6c5c229.0f517065.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
36ccc228a693ef7c44ac9e5cb8ea9152bb1758d47513587f87a273977a992bf1
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"b8f3c-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969525-128969535 SNNy RT(1733843709438 566) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-vendors~fc2f81ef.48cfd4a8.js
www.hasr.co.il/js/ 		106 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-vendors~fc2f81ef.48cfd4a8.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
9bc7127ef43b10d4089cf2d9e805e2bc994c3c17c98da5cb809c38300874f8ee
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"1a75f-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
2-75351610-75351613 SNNy RT(1733843709434 640) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
runtime~app.be5fb3dc.js
www.hasr.co.il/js/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/runtime~app.be5fb3dc.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e9255fcb041815b15cf5b7617d7a94ea9e761e9d48a8073c27816ce86abc46eb
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"2c8b-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969523-128969532 SNNy RT(1733843709427 670) q(0 0 0 -1) r(1 1) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
vue.099a27b0.js
www.hasr.co.il/js/ 		666 KB
330 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/vue.099a27b0.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
0ba17481f1e02ba14f31f633d5b154614fd28d9eae6a8152eb6f70d1ed0d9f60
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"a67ac-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:10 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969524-128969531 SNNy RT(1733843709428 744) q(0 0 0 -1) r(1 1) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
_Incapsula_Resource
www.hasr.co.il/ 		82 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=88944810
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove?hash=vCLsO&valid=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
bcbbdccf4a813c99f2eb40db143b0cdcd61f6c98b8ccdaa71d04ab9c78382fbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Robots-Tag
noindex
Cache-Control
no-cache, no-store
Content-Encoding
gzip
Content-Length
19837
Content-Type
application/javascript
css
fonts.googleapis.com/ 		2 KB
827 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:100,300
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/css/app.b9d0ee24.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
ESF /
Resource Hash
dce14ae0461d2c9e6e81f0f7e3c0f3e9d7a70feb76711c468ffa144eb2ada4aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 10 Dec 2024 15:15:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 15:15:10 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 10 Dec 2024 15:15:10 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
hotjar-2184647.js
static.hotjar.com/c/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2184647.js?sv=6
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/js/vue.099a27b0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.102.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-102-53.fra56.r.cloudfront.net
Software
/
Resource Hash
c9adec3013b54e40ca36022193ec66b0e27226cc47715dd5192443814d2ffe3a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
content-encoding
br
etag
W/ba5ef7b8b207269c491fcec8ba22ecc2
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
x-cache-hit
1
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
RefreshHit from cloudfront
x-amz-cf-id
Mh3keUxxL1GNParn17IFdiEBQy2T4bceIBQaSu5eu_xe-xcJ4oTf2A==
date
Tue, 10 Dec 2024 15:15:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P2
chunk-28620258.81cf4d51.css
www.hasr.co.il/css/ 		159 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/css/chunk-28620258.81cf4d51.css
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/js/runtime~app.be5fb3dc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
c44aad42ccf33b7bcfb477a3270e935f3809eed85180a65cc82b261405dc1735
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"9f-1939563d0d8"
Date
Tue, 10 Dec 2024 15:15:11 GMT
Content-Type
text/css; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:07 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969524-128969531 SNNy RT(1733843709428 1646) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-28620258.459691a0.js
www.hasr.co.il/js/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-28620258.459691a0.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/js/runtime~app.be5fb3dc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
d70b7cd704bb5dac29a48831b3bf3e44786656ec8d9b6cda2434427f5e0bfd2d
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"28c0-1939563d0d8"
Date
Tue, 10 Dec 2024 15:15:11 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:07 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
0-62664898-62664900 SNNN RT(1733843708733 2330) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-500d7fc7.9913fd68.css
www.hasr.co.il/css/ 		115 B
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/css/chunk-500d7fc7.9913fd68.css
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/js/runtime~app.be5fb3dc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
e7665986e888e8569ca1aacb7df594bccb4e26997e72fce0430294352ab8ae54
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"73-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:11 GMT
Content-Type
text/css; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969525-128969535 SNNy RT(1733843709438 1641) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
chunk-500d7fc7.776fc2f9.js
www.hasr.co.il/js/ 		539 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-500d7fc7.776fc2f9.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/js/runtime~app.be5fb3dc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
ad66c5feb3088d6c487a46003b9adeb56da65ac4c925a1202e76500bdbfb1727
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"21b-1939563d4c0"
Date
Tue, 10 Dec 2024 15:15:11 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:08 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
2-75351610-75351613 SNNy RT(1733843709434 1643) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
xfbml.customerchat.js
connect.facebook.net/he_IL/sdk/ 		0
0
get-app-meta-data
www.hasr.co.il/auth/ 		325 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/auth/get-app-meta-data
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/js/chunk-vendors~253ae210.0d0faa5c.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
d1b910b808a71e9d111e3950415823588f51ccf368f940d69625c8efcdfb85ae
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Authorization
Bearer null
Referer
https://www.hasr.co.il/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json;charset=UTF-8

Response headers

Content-Encoding
gzip
ETag
W/"145-0POtR77zcKF6b+NUERfwapxtkyE"
Date
Tue, 10 Dec 2024 15:15:11 GMT
Content-Type
application/json; charset=utf-8
Vary
Accept-Encoding, Origin
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969523-128969532 SNNy RT(1733843709427 1723) q(0 0 0 -1) r(1 1) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
private
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
Access-Control-Allow-Origin
https://www.hasr.co.il
X-XSS-Protection
1; mode=block
Server
nginx
chunk-2d0ae949.22a9cf5a.js
www.hasr.co.il/js/ 		591 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/js/chunk-2d0ae949.22a9cf5a.js
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/js/runtime~app.be5fb3dc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
b8fba164cbb305afcc400d2daf750ac7228e3b58a80fa62e8685b3e68e6ec200
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Content-Encoding
gzip
ETag
W/"24f-1939563d0d8"
Date
Tue, 10 Dec 2024 15:15:11 GMT
Content-Type
application/javascript; charset=UTF-8
Vary
Accept-Encoding, Origin
Last-Modified
Thu, 05 Dec 2024 05:56:07 GMT
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969525-128969535 SNNy RT(1733843709438 1843) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
X-XSS-Protection
1; mode=block
Server
nginx
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFV0U1.woff2
fonts.gstatic.com/s/rubik/v28/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFV0U1.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:100,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
d447e3dda790bf9638b928b14c0783be54e5c8bb796e0f1d91dd6ee2e00351c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.hasr.co.il
Referer
https://fonts.googleapis.com/

Response headers

age
517409
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 04 Dec 2025 15:31:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 04 Dec 2024 15:31:42 GMT
last-modified
Thu, 29 Jun 2023 16:14:46 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
17556
x-xss-protection
0
server
sffe
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ 		394 KB
395 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.4.47
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.186.31 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.hasr.co.il
Referer
https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Response headers

access-control-expose-headers
*
cf-cache-status
HIT
etag
W/"62710-TiD2zPQxmd6lyFsjoODwuoH/7iY"
age
34440
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fOFI9EaNrniYttIGTbpo0gudH6tYQ2t%2BsW%2BbM5r1ze3RZtNFDY4HCokIDwOKFRyfjisRWVzeuUeBvchVJGtHVDyAJWDoLHTXHk4oNUs6TY95o2W0cMn2KMs2lU78nc1YJGk%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443"; ma=86400
x-cache
HIT, HIT
server-timing
cfExtPri
date
Tue, 10 Dec 2024 15:15:11 GMT
content-type
font/woff2
x-served-by
cache-fra-eddf8230112-FRA, cache-lga21929-LGA
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8efe305f5e067da4-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
403216
server
cloudflare
x-jsd-version
7.4.47
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFVUU1Z4Y.woff2
fonts.gstatic.com/s/rubik/v28/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYiFVUU1Z4Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:100,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
2a0d29811657ea8172ceb099fa9f2ea4d2026daf9a0a8251bb5ea75e08d55822
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.hasr.co.il
Referer
https://fonts.googleapis.com/

Response headers

age
21200
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:21:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 10 Dec 2024 09:21:51 GMT
last-modified
Thu, 29 Jun 2023 16:18:56 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
4692
x-xss-protection
0
server
sffe
_Incapsula_Resource
www.hasr.co.il/ 		1 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hasr.co.il/_Incapsula_Resource?SWKMTFSR=1&e=0.03936035541408822
Requested by
Host: www.hasr.co.il
URL: https://www.hasr.co.il/remove
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Robots-Tag
noindex
Cache-Control
no-cache, no-store
Content-Length
1
Content-Type
text/plain
modules.675199526fcb21f102e5.js
script.hotjar.com/ 		222 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.675199526fcb21f102e5.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2184647.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-92.fra60.r.cloudfront.net
Software
/
Resource Hash
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

x-robots-tag
none
content-encoding
br
etag
"787cb060b057c5d555662c23eb0e0d17"
age
4085
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
A4W7jfG9gQ8nLrSzvOONhO8G4u4IAYgpezENn0e777XQqwszfOALeQ==
date
Tue, 10 Dec 2024 14:07:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 10 Dec 2024 14:06:32 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 eb8dd67e239abea324e36244f60eec4c.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56361
x-amz-cf-pop
FRA60-P9
2184647
vc.hotjar.io/sessions/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2184647?s=0.25&r=0.10796501558274607
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.675199526fcb21f102e5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.161.82.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-161-82-8.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

via
1.1 2a1069adbc6a1208306ee3de10fe9952.cloudfront.net (CloudFront)
access-control-allow-origin
*
cache-control
no-store
x-cache
Miss from cloudfront
x-amz-cf-id
LDGnFp_m50plxiJeh8YxbePJKZ3ljD_npqMDAIPpWVuhSNugJEgvLw==
date
Tue, 10 Dec 2024 15:15:13 GMT
x-amz-cf-pop
FRA56-P10
hasr.png
www.hasr.co.il/ 		7 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.hasr.co.il/hasr.png
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.46.233 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
nginx /
Resource Hash
8b14efdc1db464c65519938f4b2b6e4e43d5668db82ab955c45d533c1da36d10
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.hasr.co.il/

Response headers

ETag
W/"1dd1-17ef7486d50"
Date
Tue, 10 Dec 2024 15:15:13 GMT
Content-Type
image/png
Vary
Origin
Last-Modified
Mon, 14 Feb 2022 08:10:26 GMT
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Iinfo
13-128969525-128969535 SNNy RT(1733843709438 3923) q(0 0 0 -1) r(0 0) U24
Content-Security-Policy
default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Cache-Control
public, max-age=0
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Security-Policy-Report-Only
default-src 'self' https://vc.hotjar.io https://manager.eu.smartlook.cloud https://assets-proxy.smartlook.cloud https://web-writer.sg.smartlook.cloud https://maps.googleapis.com https://socialplugin.facebook.net https://www.facebook.com https://www.google-analytics.com;font-src 'self' https://script.hotjar.com https://fonts.gstatic.com https://use.fontawesome.com https://cdn.jsdelivr.net;img-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://rec.smartlook.com https://www.gstatic.com https://www.google.com https://code.jquery.com https://www.googletagmanager.com https://static.hotjar.com https://maps.googleapis.com https://connect.facebook.net https://script.hotjar.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.jsdelivr.net https://use.fontawesome.com; frame-src 'self' https://vars.hotjar.com https://www.google.com https://www.facebook.com
Referrer-Policy
origin
Permissions-Policy
interest-cohort=()
Accept-Ranges
bytes
Content-Length
7633
X-XSS-Protection
1; mode=block
Server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
connect.facebook.net
URL
https://connect.facebook.net/he_IL/sdk/xfbml.customerchat.js

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 number| pixel_from_start object| webpackJsonp object| google_tag_manager object| google_tag_data object| dataLayer object| cptable object| XLSX function| hj object| _hjSettings function| vueRecaptchaApiLoaded object| _0x31c0 function| _0x031c object| numberA function| onYouTubeIframeAPIReady object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled

6 Cookies

Domain/Path Name / Value
.hasr.co.il/ Name: visid_incap_2174157
Value: CvQRLE2YS7ew4s9DdBKY0PxaWGcAAAAAQUIPAAAAAAAq26h+gocvQPIdnNX4legg
.hasr.co.il/ Name: incap_ses_1052_2174157
Value: KuP1YLF0LkSDSVu8onSZDvxaWGcAAAAAaz9ZyTp5MUkHLT3QB0mqMg==
www.hasr.co.il/ Name: 019sms_login
Value: eyJ0eXAiOiJqd3QiLCJhbGciOiJIUzI1NiJ9.eyJmaXJzdF9rZXkiOjAsInNlY29uZF9rZXkiOiJ3d3cuaGFzci5jby5pbCIsImlzc3VlZEF0IjoiMjAyNC0xMi0xMFQxNzoxNToxMSswMjAwIiwidHRsIjoxODAwfQ.R9yP81ANaRPPgcH686v4GFFdaktsvDw_TzrYUvMnwyI%3B%20expires
www.hasr.co.il/ Name: USER_IP_IDENTIFY_LOGIN
Value: 31.187.78.183%2C%20198.143.51.5
.hasr.co.il/ Name: _hjSessionUser_2184647
Value: eyJpZCI6ImYyMGRkNGIzLWU2ZjktNTQxZS05MDg1LTEzNWQ3OWE2NzVkOCIsImNyZWF0ZWQiOjE3MzM4NDM3MTI2OTcsImV4aXN0aW5nIjpmYWxzZX0=
.hasr.co.il/ Name: _hjSession_2184647
Value: eyJpZCI6ImU2NGYyNmRmLTgwNjAtNDRhNC04MDgzLTZhMDlmOTEyOTJkMyIsImMiOjE3MzM4NDM3MTI2OTksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
hasr.co.il
script.hotjar.com
static.hotjar.com
use.fontawesome.com
vc.hotjar.io
www.googletagmanager.com
www.hasr.co.il
connect.facebook.net
104.18.186.31
104.21.27.152
13.33.187.92
142.250.186.106
142.250.186.163
142.250.186.40
18.66.102.53
3.161.82.8
45.60.46.233
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
0ba17481f1e02ba14f31f633d5b154614fd28d9eae6a8152eb6f70d1ed0d9f60
188ad913ef8d729e6b7d52f2e4b72145fbd36e7f3815b1f838e469ea5927a5cd
2a0d29811657ea8172ceb099fa9f2ea4d2026daf9a0a8251bb5ea75e08d55822
36ccc228a693ef7c44ac9e5cb8ea9152bb1758d47513587f87a273977a992bf1
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
5c803e52ee6903b89d21b7bb8c55dd2c3f8606a5a742752c2fb2ea160a1a107a
5f7c9b18929667c76653e675b020d6e9ebbaf6a516d25dcc8c79231c28bae3c3
662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc
6de5b42a76ee56522fd9f00a6b9d6ab4330fe43ec80677ebf030b316ad2a1b60
8b14efdc1db464c65519938f4b2b6e4e43d5668db82ab955c45d533c1da36d10
9490962f22231fb9ef5d8430b1ed76b480066a5dbd0feedf67c7d3391eb0ea47
9a4a9908e25387693c1b3a0941b42adc905c504a3f6081c9ee9a0bd3d7881233
9bc7127ef43b10d4089cf2d9e805e2bc994c3c17c98da5cb809c38300874f8ee
a274e3b321e44dad47cc16aa4486a98bc32b8f5de5825d72732a242239f06c00
aadbccbc267879319528b41d241e448c952fca41bf4a413523eef1e94fafeda6
ad66c5feb3088d6c487a46003b9adeb56da65ac4c925a1202e76500bdbfb1727
b33524f38f4c2f9dbae2c724ea23afe2db6586188f21969c5bd6f387d3cbc05a
b64471a80a6405aef70e8302a7a638fbaefb5939aec12b797428ec48c1eba975
b8fba164cbb305afcc400d2daf750ac7228e3b58a80fa62e8685b3e68e6ec200
bcbbdccf4a813c99f2eb40db143b0cdcd61f6c98b8ccdaa71d04ab9c78382fbf
c1a0d77342d3ae8aac537da42cd8faf4befa3d01fa98d74f6b017fe7a294154d
c44aad42ccf33b7bcfb477a3270e935f3809eed85180a65cc82b261405dc1735
c9adec3013b54e40ca36022193ec66b0e27226cc47715dd5192443814d2ffe3a
d1b910b808a71e9d111e3950415823588f51ccf368f940d69625c8efcdfb85ae
d447e3dda790bf9638b928b14c0783be54e5c8bb796e0f1d91dd6ee2e00351c0
d6af2189e30a342531dfa5c6f3a3faf2e838235257fb21065b09936e6f28a8a4
d70b7cd704bb5dac29a48831b3bf3e44786656ec8d9b6cda2434427f5e0bfd2d
dce14ae0461d2c9e6e81f0f7e3c0f3e9d7a70feb76711c468ffa144eb2ada4aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61c3520c8110a709d981083ddc93cf042c2d2ba25a21903b5df270edb3a05c5
e7665986e888e8569ca1aacb7df594bccb4e26997e72fce0430294352ab8ae54
e9255fcb041815b15cf5b7617d7a94ea9e761e9d48a8073c27816ce86abc46eb
ee4daec85d6dadfba4866e9955d451031dbc0df7972aa7ef965729b2dd04bf12
f2ca99aa88e2bc467e5b06145a357b60e477187dc4820a77feb605307fb75d96
fd719b908847ae24ef99536f79e3da97fc852b930b62f7f4b0fe6b5375c92c20