URL: https://office365-login.co.il/
Submission Tags: @phishunt_io
Submission: On July 02 via api from DE

Summary

This website contacted 26 IPs in 2 countries across 15 domains to perform 79 HTTP transactions. The main IP is 2606:4700:3031::ac43:ccde, located in United States and belongs to CLOUDFLARENET, US. The main domain is office365-login.co.il.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2021. Valid for: a year.
This is the only time office365-login.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 2606:4700:303... 13335 (CLOUDFLAR...)
9 2600:9000:20e... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 35.174.194.37 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.198.109.212 16509 (AMAZON-02)
1 142.250.185.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
79 26
Domain Requested by
9 www.youtube.com office365-login.co.il
www.youtube.com
9 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
9 office365-login.co.il office365-login.co.il
8 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
8 ws.sharethis.com w.sharethis.com
ws.sharethis.com
office365-login.co.il
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.youtube.com
googleads.g.doubleclick.net
7 pagead2.googlesyndication.com office365-login.co.il
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
2 www.gstatic.com www.youtube.com
googleads.g.doubleclick.net
2 www.google.com www.youtube.com
tpc.googlesyndication.com
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 l.sharethis.com w.sharethis.com
office365-login.co.il
2 www.google-analytics.com office365-login.co.il
www.google-analytics.com
2 fonts.googleapis.com office365-login.co.il
googleads.g.doubleclick.net
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 count-server.sharethis.com ws.sharethis.com
1 c.sharethis.mgr.consensu.org w.sharethis.com
1 ajax.googleapis.com office365-login.co.il
1 w.sharethis.com office365-login.co.il
79 23

This site contains links to these domains. Also see Links.

Domain
login.microsoftonline.com
mail.office365.com
portal.microsoftonline.com
250.co.il
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-05-02 -
2022-05-01
a year crt.sh
sharethis.com
Amazon
2020-08-17 -
2021-09-16
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-06-07 -
2021-08-30
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
sharethis.mgr.consensu.org
Amazon
2021-04-07 -
2022-05-06
a year crt.sh
*.google.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
*.google.de
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
www.google.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-05-31 -
2021-08-23
3 months crt.sh
edgestatic.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-06-07 -
2021-08-30
3 months crt.sh

This page contains 12 frames:

Primary Page: https://office365-login.co.il/
Frame ID: 20B21128053BE37E7E89CC1E1EC8C408
Requests: 36 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: D1D69C7CEA2C0E7BFB5CA1C1FDEB8BBC
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/7FxIRqhRa3w
Frame ID: 7CEC234CB57AA6AC8AB028DA4829C991
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/zrt_lookup.html
Frame ID: 54FFD326FA4C3CABA48C1E9C9309797F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&adk=1812271804&adf=3025194257&lmt=1620063081&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffice365-login.co.il%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998762&bpp=3&bdt=165&idt=73&shv=r20210630&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1873812502054&frm=20&pv=2&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=88
Frame ID: 53766E00A3F2D4E87DFB6470DA6CCF4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Frame ID: AA26369A0D677531D7829A7BBA4FB502
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998766&bpp=1&bdt=169&idt=117&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wudgiGVjXN&p=https%3A//office365-login.co.il&dtd=119
Frame ID: 70F3E0B20B21018430745DF2A3AA03E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998767&bpp=1&bdt=170&idt=122&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tme1NUTzCQ&p=https%3A//office365-login.co.il&dtd=124
Frame ID: 6F759312AE70D25E1D046B09003AFA32
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Frame ID: 1681B48DCB23A3CA6F2E9886BD2F4F4C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: E9254F94F4C1BD3FDED7CC19C7EB8893
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFACD54C096CB09EE028E896598E0C0B
Requests: 1 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure/index.html
Frame ID: 0C25BC65161B47A3E87B7C79D31EEC83
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /w\.sharethis\.com\//i

Page Statistics

79
Requests

100 %
HTTPS

88 %
IPv6

15
Domains

23
Subdomains

26
IPs

2
Countries

1387 kB
Transfer

4112 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

79 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
office365-login.co.il/
9 KB
3 KB
Document
General
Full URL
https://office365-login.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18355c68390338e3c804dead124a3df2bf019fc57f46597225bc8c957496936f

Request headers

:method
GET
:authority
office365-login.co.il
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-type
text/html
last-modified
Mon, 03 May 2021 17:31:21 GMT
vary
Accept-Encoding
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=pGL2uLXybA24v5BIGNkBX5XcXCirSM2NSt91tqIZuf6USUveeq%2F8AK926xRumG2wPnmYywrh1ok657YDVod3tKIH2GTVNh8UYg%2BCZyITvhhC3bRbDz7U5ZjgjQ4FGkBeQh1WtxiKz8HKypidDOpU"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
66888cde88d60605-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bootstrap.css
office365-login.co.il/style/
108 KB
16 KB
Stylesheet
General
Full URL
https://office365-login.co.il/style/bootstrap.css
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6121ec11f6f973764c805699924fc8de985509e321254c5b23e5a859aaf5e03

Request headers

:path
/style/bootstrap.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
office365-login.co.il
referer
https://office365-login.co.il/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5513
cf-polished
origSize=116486
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2013 13:06:02 GMT
server
cloudflare
etag
W/"1c706-4dffa30e56280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=wefx74tatWU%2Bx4tjbXFCYRTxhreRDLrtsD0ja4c230JD%2Fy%2Foy13TVbzgxupRKBOpjv0lp%2Bwd6yBZq7IwZfWjslufKGjnLpVe4gKzWFrwIJLr6v3b3g1tNk8rosQegBxPayFW4cPmzARnDmzOWJAK"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
66888cdf5ddcdfdb-FRA
cf-bgj
minify
font-awesome.css
office365-login.co.il/style/
13 KB
3 KB
Stylesheet
General
Full URL
https://office365-login.co.il/style/font-awesome.css
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aff0fe9c5bb0b48251cc524c2f70eb71353076fb39203f634c9dbe0dd1f6226e

Request headers

:path
/style/font-awesome.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
office365-login.co.il
referer
https://office365-login.co.il/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5513
cf-polished
origSize=19557
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2013 13:06:01 GMT
server
cloudflare
etag
W/"4c65-4dffa30d62040-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=%2BaPKX13%2BjAUjwtf8xEER7mWgDW4T6FLg6Il4ny18xh5bkcWkm54%2FjwRvcl4F%2FgS7%2BptZnA9O%2BrypMNuV8hz2S8s0KZJAmzeYBKRnVVfvtt1nqtFU9sXOXd3kh%2F%2FR84ge6jROSqt5gHeJMPy79Tvv"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
66888cdf5dd9dfdb-FRA
cf-bgj
minify
style.css
office365-login.co.il/style/
23 KB
5 KB
Stylesheet
General
Full URL
https://office365-login.co.il/style/style.css
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3addf610b495fe6cfd73ebfac82f86b7ec7acd54f18e3a8e3c79528302c47c0

Request headers

:path
/style/style.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
office365-login.co.il
referer
https://office365-login.co.il/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5513
cf-polished
origSize=31404
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2013 13:06:02 GMT
server
cloudflare
etag
W/"7aac-4dffa30e56280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SY4lr3CKSO4jNKxOaMaXNZL4xcPWH59rVIaRev3ep81AFeMD%2FoSSRaHij4usBVsWIdUlndupArP8ElppTcsY3Sofyih7zlV1kwlYBxh2N9rHsoxeQZe197uoLurMxu2qoHNKMAO9MM%2Fk8VJAhU9C"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
66888cdf5dd3dfdb-FRA
cf-bgj
minify
lblue.css
office365-login.co.il/style/
1 KB
971 B
Stylesheet
General
Full URL
https://office365-login.co.il/style/lblue.css
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf5883ce5f30c835f5f46139cb23f16db3d4edcc851b798409173fd12449c3b4

Request headers

:path
/style/lblue.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
office365-login.co.il
referer
https://office365-login.co.il/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5513
cf-polished
origSize=1774
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2013 13:06:02 GMT
server
cloudflare
etag
W/"6ee-4dffa30e56280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ozJOXEa7HJ3OnsrSnHyCdMLOzKpP0GwAdAXnLj5XYPhe1fbtQxFo0mYUOnASCsS%2B3l2yC3sCdJipgFnllhu8M8CR8XxDPJggX4Ez4iYbmX78VkhAgCNczVDbZAhuo5iS%2FCclKfwXlpmMRZKQ5THA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
66888cdf5ddadfdb-FRA
cf-bgj
minify
bootstrap-responsive.css
office365-login.co.il/style/
11 KB
3 KB
Stylesheet
General
Full URL
https://office365-login.co.il/style/bootstrap-responsive.css
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab2d37103d429a8d794024db503039481ea04c9b8995f95fd4a3675754537ac

Request headers

:path
/style/bootstrap-responsive.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
office365-login.co.il
referer
https://office365-login.co.il/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5513
cf-polished
origSize=21447
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2013 13:06:00 GMT
server
cloudflare
etag
W/"53c7-4dffa30c6de00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0TGUGd9HjZDO8244Ty10Lkz06%2FqoETW1JAocdqx1oyGAdgqHclPX7dHcRsDjgUqLt1j%2F3fPvZacxedFe6noFRgDF%2BAkDma1qND1smMSIaydj%2B2oO2rNL1PHyEU9Y8esvfbCX9BJtCFcIM%2FvF%2FoIa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
66888cdf5ddbdfdb-FRA
cf-bgj
minify
buttons.js
w.sharethis.com/button/
59 KB
17 KB
Script
General
Full URL
https://w.sharethis.com/button/buttons.js
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 09:44:36 GMT
content-encoding
gzip
server
nginx/1.16.1
age
103322
etag
W/"60256fd0-eabe"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
content-length
16639
x-amz-cf-id
8AwwZuf29fzq_7oNfwHxq6z6UW5a-4wfM1TdfyOM98HLD4zuKCR1ig==
expires
Sun, 04 Jul 2021 09:44:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
135 KB
48 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5857703812409507
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
789d25597a48ee75857b4f804d9bc81fe5c0484b6f05cf76c3c6335948c41cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://office365-login.co.il
Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48740
x-xss-protection
0
server
cafe
etag
4822591463873944812
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 02 Jul 2021 14:26:38 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/
90 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:15:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
692
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Jul 2022 14:15:06 GMT
bootstrap.js
office365-login.co.il/js/
31 KB
8 KB
Script
General
Full URL
https://office365-login.co.il/js/bootstrap.js
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a271908459f412648865c52f284ec5fdc1dac8b6074d32f75a72d8103867f2fd

Request headers

:path
/js/bootstrap.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
office365-login.co.il
referer
https://office365-login.co.il/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5513
cf-polished
origSize=31596
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2013 13:05:59 GMT
server
cloudflare
etag
W/"7b6c-4dffa30b79bc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=kfn%2FTGGy1zZcOl8dyjkFDsjVyCAUK4Ejwpqzpy%2Bf9mVwziNFo2GkI8GkUqL3JQsjauqKBb0TLJZKXBme7s2dqy61pmTQ9JUo2%2FTxi8CUocx4jLEnqOFmd9STL3jMobY8tMu36csycIw9BdMdEjSA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
66888cdf5dd6dfdb-FRA
cf-bgj
minify
modernizr.custom.28468.js
office365-login.co.il/js/
7 KB
4 KB
Script
General
Full URL
https://office365-login.co.il/js/modernizr.custom.28468.js
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54e0095946406ad3449ee0bd4f1e6e08403f97b767f4611be9e9c2e1c9ef5b33

Request headers

:path
/js/modernizr.custom.28468.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
office365-login.co.il
referer
https://office365-login.co.il/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5513
cf-polished
origSize=7521
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Tue, 25 Jun 2013 13:05:58 GMT
server
cloudflare
etag
W/"1d61-4dffa30a85980-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=srZw79omlEQFLEo49o5YaWfQlW8sbzU%2BUI%2BMJtMPqvPeY1%2Bc%2BSf38RMaZ2pGYyGjAnY0YNU%2F970wgdt3Hd0tBDQk7z5yjGrAkQJQEyngJSsnydbTgHcUX3K4L%2FepgD3fpByeTqEE2uhWhT9V7TBF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
66888cdf5ddedfdb-FRA
cf-bgj
minify
css
fonts.googleapis.com/
10 KB
950 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/style/bootstrap.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4635b48f19fd4496699f611a687ab8e77121776112be215a5b35e8a0986ca48c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 14:26:38 GMT
server
ESF
date
Fri, 02 Jul 2021 14:26:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jul 2021 14:26:38 GMT
async-buttons.js
ws.sharethis.com/button/
89 KB
19 KB
Script
General
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: w.sharethis.com
URL: https://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 18:14:50 GMT
content-encoding
gzip
server
nginx/1.16.1
age
72708
etag
W/"60257011-16245"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
content-length
18815
x-amz-cf-id
HM4sKp5b_OyTrNzKjWTROdVjkHJ1vNaUnGNB4vXp0d6o29LDmbj4jg==
expires
Sun, 04 Jul 2021 18:14:50 GMT
fontawesome-webfont.woff
office365-login.co.il/font/
43 KB
43 KB
Font
General
Full URL
https://office365-login.co.il/font/fontawesome-webfont.woff
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/style/font-awesome.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:ccde , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

:path
/font/fontawesome-webfont.woff
pragma
no-cache
origin
https://office365-login.co.il
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
office365-login.co.il
referer
https://office365-login.co.il/style/font-awesome.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://office365-login.co.il
Referer
https://office365-login.co.il/style/font-awesome.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 25 Jun 2013 13:07:53 GMT
server
cloudflare
age
5513
etag
W/"aa34-4dffa37831c40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=jMu91xzKUWMWfZ1iFHUozm8fJQgnmbIp30zjKqpAb63qjFnszqpPe31vw1b3J93k9aO5OFWeN2eNjGNGHxu5CIuinlOopu3fSr8K90OggfGPTBEahE02M125GhnRkbCS%2FDtEBG%2FqL5IUpTwU4%2FtB"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
66888cdfbe60dfdb-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://office365-login.co.il
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:05:12 GMT
x-content-type-options
nosniff
age
188486
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14992
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 10:05:12 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://office365-login.co.il
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 13:09:35 GMT
x-content-type-options
nosniff
age
177423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 13:09:35 GMT
portal-v2.html
c.sharethis.mgr.consensu.org/ Frame D1D6
2 KB
1 KB
Document
General
Full URL
https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by
Host: w.sharethis.com
URL: https://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:e00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6

Request headers

:method
GET
:authority
c.sharethis.mgr.consensu.org
:scheme
https
:path
/portal-v2.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

content-type
text/html; charset=utf-8
cache-control
max-age=3600, public
content-encoding
gzip
date
Fri, 02 Jul 2021 14:25:19 GMT
etag
W/"865-g9QqzjbIJI1xmvSY3DM2A/8Cpl8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
NG2WbhIT9nHDi57LALYUEv77Sdx1Mmsb5WAju3f6OmGQp9VuHc9Fvg==
age
79
7FxIRqhRa3w
www.youtube.com/embed/ Frame 7CEC
54 KB
22 KB
Document
General
Full URL
https://www.youtube.com/embed/7FxIRqhRa3w
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0335381d4e7109a9ce4bc3e137e192d5a4d8182963f9ad988f1f24e03a99e0d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/7FxIRqhRa3w
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 02 Jul 2021 14:26:38 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=Ov-T1qT_ElE; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=C8qZ4vuT108; Domain=.youtube.com; Expires=Wed, 29-Dec-2021 14:26:38 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+646; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
2713
date
Fri, 02 Jul 2021 13:41:25 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 02 Jul 2021 15:41:25 GMT
mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://office365-login.co.il
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 29 Jun 2021 16:31:16 GMT
x-content-type-options
nosniff
age
251722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15112
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:50 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Jun 2022 16:31:16 GMT
mem8YaGs126MiZpBA-UFW50bbck.woff2
fonts.gstatic.com/s/opensans/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFW50bbck.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400italic,700italic,400,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://office365-login.co.il
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 02:21:39 GMT
x-content-type-options
nosniff
age
216299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11316
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:25 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 02:21:39 GMT
buttons-secure.css
ws.sharethis.com/button/css/
23 KB
4 KB
Stylesheet
General
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 19:54:39 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 17:57:38 GMT
server
nginx/1.16.1
age
66719
etag
W/"60257012-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
UBS8QpUoqg-ohPgfmnxH7wALUqhZJTieivOUksG2QwC_xSkxyTX29Q==
get_counts
count-server.sharethis.com/v2.0/
232 B
478 B
Script
General
Full URL
https://count-server.sharethis.com/v2.0/get_counts?url=https%3A%2F%2Foffice365-login.co.il%2F&cb=stButtons.processCB&wd=true
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.194.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-194-37.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f7c1a447dd5df632e09cb03fc8e264c6ca815e6bf90e8732c8534152bce49328

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 14:26:39 GMT
Cache-Control
public, max-age=900
ETag
78574919c48ed7310dd9b52d1438d84f
Connection
keep-alive
X-Powered-By
Express
Content-Length
232
Content-Type
text/javascript; charset=utf-8
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/
240 KB
89 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5857703812409507
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c107239496609ede285e80b91336c653f68e65956a25b489ef9b4d9591d07ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91175
x-xss-protection
0
server
cafe
etag
16806287549005047208
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 02 Jul 2021 14:26:38 GMT
facebook_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/facebook_counter.png
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 19:07:06 GMT
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
server
nginx/1.16.1
age
12165572
etag
"60256fcb-977"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2423
x-amz-cf-id
h-_lWhGsdFSTu2DRzJdWKX8nGYbtNUSdGwMnqphEBEL6X0_-znD1Xw==
expires
Fri, 11 Feb 2022 19:07:06 GMT
linkedin_counter.png
ws.sharethis.com/images/2017/
2 KB
3 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/linkedin_counter.png
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
0e3f83554765fa48514ce0a169441466f92010d01cdc716003e02317bffc6993

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Feb 2021 19:07:06 GMT
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
server
nginx/1.16.1
age
12165572
etag
"60256fcb-9e1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2529
x-amz-cf-id
aORTeU6YBV3-BTecmoFHY8JiP3Ck5hzmsWnoWOmzw3XaliTOTC8EDg==
expires
Fri, 11 Feb 2022 19:07:06 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/ Frame 54FF
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210630/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5857703812409507
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210630/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 02 Jul 2021 04:01:27 GMT
expires
Fri, 16 Jul 2021 04:01:27 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
37511
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bubble_arrow.png
ws.sharethis.com/secure/images/
979 B
1 KB
Image
General
Full URL
https://ws.sharethis.com/secure/images/bubble_arrow.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe

Request headers

Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 11 Jun 2021 23:35:01 GMT
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
server
nginx/1.16.1
age
1781497
etag
"60257011-3d3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
979
x-amz-cf-id
jKJdTwq-MyzjMT8y1dw0u9KHxNSHckJNvd4fe2Ur3PRCWlKbYKYmGQ==
expires
Sat, 11 Jun 2022 23:35:01 GMT
googleplus_16.png
ws.sharethis.com/images/2017/
2 KB
2 KB
Image
General
Full URL
https://ws.sharethis.com/images/2017/googleplus_16.png
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/css/buttons-secure.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8

Request headers

Referer
https://ws.sharethis.com/button/css/buttons-secure.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 15 Jun 2021 19:35:30 GMT
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
server
nginx/1.16.1
age
1450268
etag
"60256fcb-61f"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1567
x-amz-cf-id
FlHsrF7QnFJlLzptYDJxJBrK7YfTv6Xu-L6TWvgBCRBfHHYoEI6suA==
expires
Wed, 15 Jun 2022 19:35:30 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1516855728&t=pageview&_s=1&dl=https%3A%2F%2Foffice365-login.co.il%2F&ul=en-us&de=UTF-8&dt=Office%20365%20login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=1351949330&gjid=974278241&cid=229771899.1625235999&tid=UA-6461311-32&_gid=264103022.1625235999&_r=1&_slc=1&z=1637032978
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 14:26:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://office365-login.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pview
l.sharethis.com/
0
343 B
XHR
General
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1625235998670.83985&hostname=office365-login.co.il&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=b8696446-30b6-4dc5-9e4c-d3140afd5643&bsamesite=true&consent_cookie_duration=152&consent_duration=152&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Foffice365-login.co.il%2F&title=Office%20365%20login&sop=false&description=Login%20to%20your%20Office%20365%20portal%20or%20webmail%20with%20a%20simple%20click.
Requested by
Host: w.sharethis.com
URL: https://w.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 14:26:38 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://office365-login.co.il
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
www-player-webp.css
www.youtube.com/s/player/7acefd5d/ Frame 7CEC
324 KB
45 KB
Stylesheet
General
Full URL
https://www.youtube.com/s/player/7acefd5d/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FxIRqhRa3w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6c3d5fa60e4bf93e81d7df8456be46e03d60e70378e9af123c010a610e49192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/7FxIRqhRa3w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 20:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
age
65156
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45801
x-xss-protection
0
expires
Fri, 01 Jul 2022 20:20:42 GMT
www-embed-player.js
www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/ Frame 7CEC
192 KB
63 KB
Script
General
Full URL
https://www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FxIRqhRa3w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4118e3905681f28cf8dc9eb48bd5aabd36bff99666193810868d9182ba9686da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/7FxIRqhRa3w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 14:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
171969
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64943
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 14:40:29 GMT
base.js
www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/ Frame 7CEC
2 MB
486 KB
Script
General
Full URL
https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FxIRqhRa3w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75b0a7bd1689b8f44e349e382ac54c3004d8559c347546ec7f3aea716cad758f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/7FxIRqhRa3w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 18:56:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
70233
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
497452
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 01 Jul 2022 18:56:05 GMT
fetch-polyfill.js
www.youtube.com/s/player/7acefd5d/fetch-polyfill.vflset/ Frame 7CEC
8 KB
3 KB
Script
General
Full URL
https://www.youtube.com/s/player/7acefd5d/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FxIRqhRa3w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/7FxIRqhRa3w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 13:32:51 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
age
3227
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2830
x-xss-protection
0
expires
Sat, 02 Jul 2022 13:32:51 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 7CEC
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FxIRqhRa3w
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 08:09:57 GMT
x-content-type-options
nosniff
age
195401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 08:09:57 GMT
cookie.js
partner.googleadservices.com/gampad/
211 B
664 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=office365-login.co.il&callback=_gfp_s_&client=ca-pub-5857703812409507
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
57da1975a1a566cf1da2db57ab91d84b0a92b174e4c1da8ab4d60ef2c600de60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=office365-login.co.il
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=office365-login.co.il
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5376
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&adk=1812271804&adf=3025194257&lmt=1620063081&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffice365-login.co.il%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998762&bpp=3&bdt=165&idt=73&shv=r20210630&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1873812502054&frm=20&pv=2&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=88
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5857703812409507&output=html&adk=1812271804&adf=3025194257&lmt=1620063081&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foffice365-login.co.il%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998762&bpp=3&bdt=165&idt=73&shv=r20210630&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1873812502054&frm=20&pv=2&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=88
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 02 Jul 2021 14:26:38 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 02-Jul-2021 14:41:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 02 Jul 2021 14:26:38 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a9a19e56cdf55a52ccdc15ae0f7bc04cf281e9039c1f33383266fe60df71b51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625082173397852"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27722
x-xss-protection
0
expires
Fri, 02 Jul 2021 14:26:38 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame AA26
61 KB
22 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
82ebc46237f684fc9b9d1206e7c06e1f89993df7262d24b451f724717178643d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 02 Jul 2021 14:26:39 GMT
server
cafe
content-length
22135
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 02-Jul-2021 14:41:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 02 Jul 2021 14:26:39 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 70F3
430 B
231 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998766&bpp=1&bdt=169&idt=117&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wudgiGVjXN&p=https%3A//office365-login.co.il&dtd=119
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00f8fcc97db3d00d2e70589631ddc43e7fb7bef87c3dedc3933f6551a11b2c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=3723614189&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998766&bpp=1&bdt=169&idt=117&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&xpc=wudgiGVjXN&p=https%3A//office365-login.co.il&dtd=119
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 02 Jul 2021 14:26:39 GMT
server
cafe
content-length
208
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 02-Jul-2021 14:41:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 02 Jul 2021 14:26:39 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 6F75
430 B
229 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998767&bpp=1&bdt=170&idt=122&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tme1NUTzCQ&p=https%3A//office365-login.co.il&dtd=124
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6838d0791382d1504f9baa2c1b9a296e9233b62f52025bc6637dd0b5913da50c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=3485054897&adf=2905302740&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998767&bpp=1&bdt=170&idt=122&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C300x250&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CneEr%7C&abl=CS&pfx=0&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&xpc=Tme1NUTzCQ&p=https%3A//office365-login.co.il&dtd=124
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 02 Jul 2021 14:26:39 GMT
server
cafe
content-length
206
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 02-Jul-2021 14:41:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 02 Jul 2021 14:26:39 GMT
cache-control
private
pview
l.sharethis.com/
0
315 B
Image
General
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1625235998670.83985&hostname=office365-login.co.il&location=%2F&product=widget&fcmp=false&fcmpv2=false&publisher=b8696446-30b6-4dc5-9e4c-d3140afd5643&bsamesite=true&consent_cookie_duration=152&consent_duration=152&gdpr_domain=.consensu.org&gdpr_method=cookie&url=https%3A%2F%2Foffice365-login.co.il%2F&title=Office%20365%20login&sop=false&description=Login%20to%20your%20Office%20365%20portal%20or%20webmail%20with%20a%20simple%20click.&gdpr_domain=.consensu.org&gdpr_method=cookie&description=Login%20to%20your%20Office%20365%20portal%20or%20webmail%20with%20a%20simple%20click.&img_pview=true
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 02 Jul 2021 14:26:38 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
id
googleads.g.doubleclick.net/pagead/ Frame 7CEC
113 B
161 B
XHR
General
Full URL
https://googleads.g.doubleclick.net/pagead/id
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/www-embed-player.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
80a5d0b2983eac432da573ad8ed1bbe0910d95d373b24959854c9b311b43717a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 7CEC
29 B
91 B
Script
General
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:17:21 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
557
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Fri, 02 Jul 2021 14:32:21 GMT
remote.js
www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/ Frame 7CEC
94 KB
29 KB
Script
General
Full URL
https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9b9e10132c1000cef53bc06b39c845b1d522ca85222ff94f07bdc31fb3d16f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/7FxIRqhRa3w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 14:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
age
171970
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29554
x-xss-protection
0
expires
Thu, 30 Jun 2022 14:40:29 GMT
8LWF8Aw1Pw4CbeJgRqHqI_BfDLSA1tzHDNduqMVuO1Y.js
www.google.com/js/th/ Frame 7CEC
35 KB
13 KB
Script
General
Full URL
https://www.google.com/js/th/8LWF8Aw1Pw4CbeJgRqHqI_BfDLSA1tzHDNduqMVuO1Y.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0b585f00c353f0e026de26046a1ea23f05f0cb480d6dcc70cd76ea8c56e3b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 20:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
152348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Mon, 14 Jun 2021 13:30:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 30 Jun 2022 20:07:31 GMT
embed.js
www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/ Frame 7CEC
25 KB
7 KB
Script
General
Full URL
https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65a3573a374b60552bfaf599cbda271a4301bbad1b489f65f091c3208f1e759e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/7FxIRqhRa3w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 14:40:29 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 30 Jun 2021 00:20:32 GMT
server
sffe
age
171970
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7482
x-xss-protection
0
expires
Thu, 30 Jun 2022 14:40:29 GMT
truncated
/ Frame 7CEC
175 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AKedOLSDvM6op0no125l4uoMAKXtYNe3_ilwCxN-89eM=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 7CEC
2 KB
2 KB
Image
General
Full URL
https://yt3.ggpht.com/ytc/AKedOLSDvM6op0no125l4uoMAKXtYNe3_ilwCxN-89eM=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FxIRqhRa3w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
04a0455a609f9a317ec86003bf3cf26130193dedf5b2b6d16f660ea1b616b4b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 12:32:04 GMT
x-content-type-options
nosniff
age
6875
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1956
x-xss-protection
0
server
fife
etag
"v44"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 25 Jun 2021 22:31:37 GMT
sddefault.jpg
i.ytimg.com/vi/7FxIRqhRa3w/ Frame 7CEC
32 KB
33 KB
Image
General
Full URL
https://i.ytimg.com/vi/7FxIRqhRa3w/sddefault.jpg
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/7FxIRqhRa3w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67231783b72037d61d496716be579bc104b5edb9f62bac875ab9d03e3247bca3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:39 GMT
x-content-type-options
nosniff
server
sffe
age
0
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33187
x-xss-protection
0
expires
Fri, 02 Jul 2021 16:26:39 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 7CEC
4 KB
2 KB
Script
General
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
x-content-type-options
nosniff
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Fri, 02 Jul 2021 14:26:39 GMT
generate_204
www.youtube.com/ Frame 7CEC
0
9 B
Image
General
Full URL
https://www.youtube.com/generate_204?tykRjQ
Requested by
Host: office365-login.co.il
URL: https://office365-login.co.il/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/7FxIRqhRa3w
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
css
fonts.googleapis.com/ Frame AA26
6 KB
715 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CHeebo%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a9c4d712b7b51877f33026f56e511bc1236649c28d616677946a646a2a944702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 02 Jul 2021 13:26:48 GMT
server
ESF
date
Fri, 02 Jul 2021 14:26:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 02 Jul 2021 14:26:39 GMT
bg_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/ Frame AA26
6 KB
3 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/bg_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3328d94071c26637fa9de964b25c26388df0391ea89295527c6451e881ab526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 12:39:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2724
x-xss-protection
0
server
cafe
etag
9308872209241704880
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 12:39:59 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame AA26
1 KB
990 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:18:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
882
x-xss-protection
0
server
cafe
etag
11243716317595354070
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 14:18:42 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/ Frame AA26
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7112
x-xss-protection
0
server
cafe
etag
12276874145846594193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 14:25:13 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame AA26
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:22:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1385
x-xss-protection
0
server
cafe
etag
10711834930267210186
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 14:22:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AA26
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625082185441780"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38802
x-xss-protection
0
expires
Fri, 02 Jul 2021 14:26:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/ Frame AA26
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:22:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6207
x-xss-protection
0
server
cafe
etag
17140096307539089235
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 16 Jul 2021 14:22:26 GMT
a419caddb94ba229832f3cb0e96cc3a1.js
www.gstatic.com/mysidia/ Frame AA26
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a419caddb94ba229832f3cb0e96cc3a1.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1608463daf92a71b2a1c6ee7042cc0a1b6bf99f1a1816787c554536948a50ae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 01 Jul 2021 08:12:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
108866
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10765
x-xss-protection
0
last-modified
Thu, 01 Jul 2021 07:49:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 29 Sep 2021 08:12:13 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame AA26
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ChdUpHiLfYKbnNoDI7_UP-sShsAqQiYGIYeLW8suADcq6jPG-ARABIMz83iFglQKgAZS9gN4CyAEJqQKBMjNKmdmzPqgDAcgDywSqBM8BT9Bk00LV-T57WWTTetyEKQyKC-WlY9CAf3jrUKxFoQ9VzdCxh5g16S9qksAWYABY1il75OR7_ks33qgikG1ulpvhYqQG8EskaQd5HzmIzQRgGY8_JwTtUGQTSA46wEjasIz5lP8XQzz2TMwRt2MzSZIfo5uuODV_1k9fIta3VuVe7TZxiqLlA8xaAJFy6DPVr_PW2dITLVDXQILN9HdKcf9GJscaDxXcKsAuKLeIpyvzXQa_Ncdhumq0ZMT1xtYEALhKcEfKwXmU0M3a5qfqwATe3I6evAOSBQQIBBgBkgUECAUYBKAGLoAH6Pal1gGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQg8ME0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshcaChgIABIUcHViLTU4NTc3MDM4MTI0MDk1MDc&sigh=a-c5TL_gdUs&template_id=484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 02 Jul 2021 14:26:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/9254546253044585677/ Frame AA26
33 KB
33 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9254546253044585677/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5857703812409507&output=html&h=250&slotname=8780168897&adk=614257545&adf=1812589828&pi=t.ma~as.8780168897&w=300&lmt=1620063081&psa=0&format=300x250&url=https%3A%2F%2Foffice365-login.co.il%2F&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625235998765&bpp=1&bdt=168&idt=92&shv=r20210630&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1873812502054&frm=20&pv=1&ga_vid=229771899.1625235999&ga_sid=1625235999&ga_hid=1516855728&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=650&ady=198&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671&oid=3&pvsid=264524781967606&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=EVPx9mn2OM&p=https%3A//office365-login.co.il&dtd=113
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b69ad6a2aedf32661b7ece80733663b45deae93b0fcbadf095dd272f53dcea93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 02:16:20 GMT
x-content-type-options
nosniff
age
216619
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33890
x-xss-protection
0
last-modified
Thu, 17 Dec 2020 14:48:28 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 02:16:20 GMT
truncated
/ Frame AA26
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c7cba6ec2518a669ff163f7c3cbeaa1f8c3ef3d1ce27ca6c26268ae27b4ad95

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AA26
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed67c6181226a3b031406fc39824fb7551e545ffe1bd3a97eededdbfc2edb2d7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame AA26
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CHeebo%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 10:48:51 GMT
x-content-type-options
nosniff
age
185868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 10:48:51 GMT
NGS6v5_NC0k9P9H2TbE.woff2
fonts.gstatic.com/s/heebo/v10/ Frame AA26
26 KB
27 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v10/NGS6v5_NC0k9P9H2TbE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CHeebo%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
305f84b1a2b213b5c07fe806145b7ca9756a6d927a70d57fabade68c62bb90e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 00:59:14 GMT
x-content-type-options
nosniff
age
221245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27112
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 19:03:17 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 00:59:14 GMT
NGS6v5_NC0k9P9H0TbFzsQ.woff2
fonts.gstatic.com/s/heebo/v10/ Frame AA26
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v10/NGS6v5_NC0k9P9H0TbFzsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CHeebo%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ca223ef3fa939c18c01963a02338110facf649327c6a9ca7d2d5f2d2ebc2a50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 11:46:06 GMT
x-content-type-options
nosniff
age
182433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8868
x-xss-protection
0
last-modified
Tue, 02 Feb 2021 19:07:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 11:46:06 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame AA26
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%7CHeebo%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 30 Jun 2021 07:58:29 GMT
x-content-type-options
nosniff
age
196090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 30 Jun 2022 07:58:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/
10 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210630&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
85e4e34271644834f63d4b70dec72b0710a3833de20f04b31c2c396a8627fcd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 02 Jul 2021 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8022
x-xss-protection
0
DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
pagead2.googlesyndication.com/bg/ Frame 1681
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DbygjneaO4DVyaaVGwd-ToFDSMFkJodatxAyqShhIKw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210624/r20110914/elements/html/bg_fy2019.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 07:46:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
23981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5767
x-xss-protection
0
last-modified
Tue, 22 Jun 2021 16:28:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Jul 2022 07:46:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210630/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5857703812409507&plah=office365-login.co.il&amaexp=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 14:26:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 02 Jul 2021 14:26:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame E925
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 02 Jul 2021 10:49:48 GMT
expires
Sat, 02 Jul 2022 10:49:48 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
13011
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame AFAC
783 B
532 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
de052a09a15464ec5bd89bc6007e001c7df3ca6c0b2d24d9349a93338898c048
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7pHSoIzyDNcCQ1hA5WQrgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

expires
Fri, 02 Jul 2021 14:26:39 GMT
date
Fri, 02 Jul 2021 14:26:39 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-7pHSoIzyDNcCQ1hA5WQrgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Rv7nlKTa26NWRBniUpDYjCI2pQiUJx6mVfJMAqoAWAE.js
pagead2.googlesyndication.com/bg/ Frame E925
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Rv7nlKTa26NWRBniUpDYjCI2pQiUJx6mVfJMAqoAWAE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46fee794a4dadba3564419e25290d88c2236a50894271ea655f24c02aa005801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Jul 2021 09:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
17314
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13317
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 16:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Jul 2022 09:38:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210630&jk=264524781967606&bg=!-Pul-7_NAAbV4AdB1eA7ACkAdvg8WuWx4LF6Gi15Vbdrj4CHqx0Affz6XfXfDD7Tt_WWPPGfc-GKHAIAAABPUgAAAAdoAQcKANdMBuQPYuYCbgrbEfM6I2e-rDBPkmyoO5wqnUtahgpzWK7D3vWBR8WIb0geqw5pvTIN4DtNx2dLlbBTZvJQau0QlLejqvZffdNaNyRi62Ruxmkx5ukCyt6bhYS0Eac0ikmV0_mGfwX1z7nsGTJbCDRZFOt3iNewSzeUApC1vMYE2SCaCLKv4aBrrGo2l6TWz9EAfWXXSD-aHcd5oZmRZGO-OwvaVe-9mhVelviZk8aTD-AfboWm8qv89tet7f0_1Ny-lRNxqSyaHqJgzPtfugpvL1M7u_nx5JkCb5ecmft7grWKTzxLOoy_drJ4nIFHCQAwbB6IhGo1eoS-TVlEZu8W3lLaQhQ4tipGcpYmsAv-qhMTEILP7uyk6OSLKgFLwrC3teBQ3TacXsB49bG0oTcd8j6o_VIN0CSXn8ysSdkQnEx5q9fk68og9ZXlAPCTbSnHOLaKox-yucZ7hfswnOyHFd3HXPVCe1zRjyn1f79cJ8u20vtSiZ5l1VmWRyeEiRtZklSdVg3EiPR3dDiQqyOZ0O6U176CGksJuZJsm5Kqo_W2yDwwmWleXuINet3vkl3bieR4Gca3EQZHFpZlC42YpFvqYv-mbt4d_AMnoTCMkisoui270taatQhFEIVIBL1MyBOCPAqd8avMN0CbKXjHhIPaOw7C3fDrnNYGn7lwTfJ2bfgZy7hpOkx2xEh8NVTPZFQXOJx5IIn78VT7NaPioPe2b9hwzO7XgfPsbZ_BugW384TZzB9Hg_mjPkUNejhe8b5zxvfIsXWUoBEBu2_KWWTmwrxTC3-LHYr3kCDsxCxzg2dIpBABo_tor4D-UTm-XNGArjZ95NTbWAfcUwlYRRx5hB4brZ2dRGwQgTiRjjNUutwsKyfjANfflx4lzdrCNDK97Vjy0bUHES7SNiRor4jmnW2gbTxAoIZshiCeERTiJ7PIIUTod3Xz_aNSi5FqLEXL3y5GFfNGD-zW1v2mCUyrjNI7RX1CRRxwujmU4JAx-rSn21QG64-3aMAYhJmgzmnhoPQTr8k6RLhFCbv6M4KL7jKCnirjLoKYNPmgURY6Syzjh_iPM59pok_2qKIZ1CID00tEY66HZc6m9PwQtRihkXZzUhbG
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://office365-login.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 14:26:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
ws.sharethis.com/secure/ Frame 0C25
7 KB
2 KB
Document
General
Full URL
https://ws.sharethis.com/secure/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
3917548928197150addc288f30af88f2ab034ab333aea4b5d99ae97465563720

Request headers

:method
GET
:authority
ws.sharethis.com
:scheme
https
:path
/secure/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://office365-login.co.il/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://office365-login.co.il/

Response headers

content-type
text/html
content-length
2089
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 17:57:38 GMT
server
nginx/1.16.1
x-robots-tag
noindex, nofollow
date
Thu, 01 Jul 2021 23:57:46 GMT
etag
W/"60257012-1ade"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
mnDcS2WWmiY69TySdt8RpxyYpUp0aapF5m9BlusUNr8yuUCiD6TsAw==
age
52134
activeview
pagead2.googlesyndication.com/pcs/ Frame AA26
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqImDeDBkci5qW9k6GgbNdROeWouzbRbikD8Foy-7Ib0YaJWKPlmD-pCPIqE5vEbaHBqcCDVtaqx7jQOOXRaEpNzDFZptiVXKmPh1fKYUB1bRwliwMPNO6oKUHwQ&sai=AMfl-YQryJFJBUSiilZ0oI24v-us__aAAbP9cOQDuJ0VIYtMQzliKPxvIZjW57Jad8bpiUpQn1hgAwi1WnNi&sig=Cg0ArKJSzGUxl3wfkrPZEAE&id=lidar2&mcvt=1002&p=198,650,448,950&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210630&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=614257545&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1625235998879&dlt=605&rpt=37&isd=0&msd=0&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 02 Jul 2021 14:26:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
st.a9c2f47cfbd1f141fb724cef861110d7.js
ws.sharethis.com/secure/js/ Frame 0C25
88 KB
23 KB
Script
General
Full URL
https://ws.sharethis.com/secure/js/st.a9c2f47cfbd1f141fb724cef861110d7.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:f800:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
85a0afc2f45cecec31d8ccd1498cd8bfe428b3d79018efb1bf4da2cb3050b847

Request headers

Referer
https://ws.sharethis.com/secure/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Apr 2021 17:29:33 GMT
content-encoding
gzip
server
nginx/1.16.1
age
5691426
etag
W/"60257012-15e0f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-robots-tag
noindex, nofollow
content-length
23428
x-amz-cf-id
uvPO1eyv8du3PlLvyCvymPrFzF4e_b3Q6pzOwgFxKTPdTEOXf1VfrA==
expires
Wed, 27 Apr 2022 17:29:33 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 7CEC
28 B
54 B
XHR
General
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/7acefd5d/player_ias.vflset/en_US/base.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
120
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/7FxIRqhRa3w
X-YouTube-Client-Version
1.20210629.1.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtDOHFaNHZ1VDEwOCiexPyGBg%3D%3D
X-YouTube-Ad-Signals
dt=1625235998953&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C450%2C253&vis=1&wgl=true&ca_type=image&bid=ANyPxKrC8F1IIdZUdJ4Z915RwF7GnkozFB1C9mc1R8oSq78faxx55gLuNEPUTbm-ynGEg4qdn91gBEhqLHplRsuKv6JPiiyK5Q

Response headers

date
Fri, 02 Jul 2021 14:26:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Fri, 02 Jul 2021 14:26:41 GMT

Verdicts & Comments Add Verdict or Comment

114 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing object| adsbygoogle string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| jQuery19105532060641825693 object| html5 object| Modernizr function| yepnope function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog string| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback boolean| openWidget object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb string| baseURL object| GoogleGcLKhOms object| google_image_requests string| messageSet

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: C8qZ4vuT108
.doubleclick.net/ Name: IDE
Value: AHWqTUnIExX3ISKb8z-4RBMTIuau7Q1ZFtm_twEpaf2AfSNUqfHxPUhETZhwZcX3
.youtube.com/ Name: YSC
Value: Ov-T1qT_ElE
.office365-login.co.il/ Name: _gat
Value: 1
.office365-login.co.il/ Name: _gid
Value: GA1.3.264103022.1625235999
.office365-login.co.il/ Name: __gads
Value: ID=7fbd801dca7da42e-2207ff3d56c9002b:T=1625235998:RT=1625235998:S=ALNI_MaVaLoo914hM2KfNYruU95E-dHlhw
.office365-login.co.il/ Name: _ga
Value: GA1.3.229771899.1625235999

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
c.sharethis.mgr.consensu.org
count-server.sharethis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
l.sharethis.com
office365-login.co.il
pagead2.googlesyndication.com
partner.googleadservices.com
static.doubleclick.net
tpc.googlesyndication.com
w.sharethis.com
ws.sharethis.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
142.250.185.66
18.198.109.212
2600:9000:20eb:e00:c:a9b7:ddc0:93a1
2600:9000:20eb:f800:3:c04e:c780:93a1
2606:4700:3031::ac43:ccde
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2016
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2001
35.174.194.37
00f8fcc97db3d00d2e70589631ddc43e7fb7bef87c3dedc3933f6551a11b2c4f
013bec3910ad3d4838f46d1a0095d9e6f0ea3e676e786daf0147dce032b651b6
0335381d4e7109a9ce4bc3e137e192d5a4d8182963f9ad988f1f24e03a99e0d4
04a0455a609f9a317ec86003bf3cf26130193dedf5b2b6d16f660ea1b616b4b8
0dbca08e779a3b80d5c9a6951b077e4e814348c16426875ab71032a9286120ac
0e3f83554765fa48514ce0a169441466f92010d01cdc716003e02317bffc6993
101952754cb8c2ae6e1b8b8cba16dc2a9b47e6e808bd563a8b87d0561daf7d85
1608463daf92a71b2a1c6ee7042cc0a1b6bf99f1a1816787c554536948a50ae4
18355c68390338e3c804dead124a3df2bf019fc57f46597225bc8c957496936f
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
28e9420a6d03a70b837b51c9fbe1bb1f819a3d4aa71bffa07f7c3e79d7dcf878
2ab2d37103d429a8d794024db503039481ea04c9b8995f95fd4a3675754537ac
305f84b1a2b213b5c07fe806145b7ca9756a6d927a70d57fabade68c62bb90e4
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3488c49147b809d1e457c14a37bf3a79b0455fd159c121325e8f737eea45eb75
3917548928197150addc288f30af88f2ab034ab333aea4b5d99ae97465563720
3c107239496609ede285e80b91336c653f68e65956a25b489ef9b4d9591d07ea
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4118e3905681f28cf8dc9eb48bd5aabd36bff99666193810868d9182ba9686da
4635b48f19fd4496699f611a687ab8e77121776112be215a5b35e8a0986ca48c
46fee794a4dadba3564419e25290d88c2236a50894271ea655f24c02aa005801
49aea8d1206dbb5e3c8a7d4db9274d2efa2111d8b53acb901efc378b1feca381
4ca223ef3fa939c18c01963a02338110facf649327c6a9ca7d2d5f2d2ebc2a50
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
516630dc137782b6ea784ed6891b487b8a2fff9be9ed921977008453039cc1fe
54e0095946406ad3449ee0bd4f1e6e08403f97b767f4611be9e9c2e1c9ef5b33
57da1975a1a566cf1da2db57ab91d84b0a92b174e4c1da8ab4d60ef2c600de60
592a848da6f427ea5d9169179bd309484f531d3c23c5aaf858afa22fc28d40c8
65a3573a374b60552bfaf599cbda271a4301bbad1b489f65f091c3208f1e759e
67231783b72037d61d496716be579bc104b5edb9f62bac875ab9d03e3247bca3
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6838d0791382d1504f9baa2c1b9a296e9233b62f52025bc6637dd0b5913da50c
71008215cb62c211dcfc83974988e24793e527ded21a5a3443caf7f2732aaaab
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
75b0a7bd1689b8f44e349e382ac54c3004d8559c347546ec7f3aea716cad758f
789d25597a48ee75857b4f804d9bc81fe5c0484b6f05cf76c3c6335948c41cb0
80a5d0b2983eac432da573ad8ed1bbe0910d95d373b24959854c9b311b43717a
82ebc46237f684fc9b9d1206e7c06e1f89993df7262d24b451f724717178643d
85a0afc2f45cecec31d8ccd1498cd8bfe428b3d79018efb1bf4da2cb3050b847
85e4e34271644834f63d4b70dec72b0710a3833de20f04b31c2c396a8627fcd4
8a9a19e56cdf55a52ccdc15ae0f7bc04cf281e9039c1f33383266fe60df71b51
8bc62c9ef81390af989b3829ace60aae916e299dab9df7ec5e49db2d07a956b6
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
9c7cba6ec2518a669ff163f7c3cbeaa1f8c3ef3d1ce27ca6c26268ae27b4ad95
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a029ad1de22249db15e4a05e5e168cf70b256ce05cdef7f7e7927c2df030f57b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a271908459f412648865c52f284ec5fdc1dac8b6074d32f75a72d8103867f2fd
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6121ec11f6f973764c805699924fc8de985509e321254c5b23e5a859aaf5e03
a9c4d712b7b51877f33026f56e511bc1236649c28d616677946a646a2a944702
aff0fe9c5bb0b48251cc524c2f70eb71353076fb39203f634c9dbe0dd1f6226e
b69ad6a2aedf32661b7ece80733663b45deae93b0fcbadf095dd272f53dcea93
bf5883ce5f30c835f5f46139cb23f16db3d4edcc851b798409173fd12449c3b4
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c3328d94071c26637fa9de964b25c26388df0391ea89295527c6451e881ab526
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9b9e10132c1000cef53bc06b39c845b1d522ca85222ff94f07bdc31fb3d16f1
de052a09a15464ec5bd89bc6007e001c7df3ca6c0b2d24d9349a93338898c048
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3addf610b495fe6cfd73ebfac82f86b7ec7acd54f18e3a8e3c79528302c47c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c3d5fa60e4bf93e81d7df8456be46e03d60e70378e9af123c010a610e49192
ed67c6181226a3b031406fc39824fb7551e545ffe1bd3a97eededdbfc2edb2d7
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b585f00c353f0e026de26046a1ea23f05f0cb480d6dcc70cd76ea8c56e3b56
f3bc548fe0ec38e954e193e2048fcd89948a61e9b321e69476b807cfb530215b
f7c1a447dd5df632e09cb03fc8e264c6ca815e6bf90e8732c8534152bce49328