naaflooring.com
209.59.138.203  Malicious Activity! Public Scan

Submitted URL: http://deti-na-planete.ru/sites/default/files/ctools/inc/
Effective URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Submission: On June 30 via manual from IL

Summary

This website contacted 11 IPs in 6 countries across 8 domains to perform 38 HTTP transactions. The main IP is 209.59.138.203, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is naaflooring.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 18th 2019. Valid for: 3 months.
This is the only time naaflooring.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Leumi (Banking)

Domain & IP information

IP Address AS Autonomous System
1 1 81.177.139.72 8342 (RTCOMM-AS)
1 3 209.59.138.203 32244 (LIQUIDWEB)
5 199.203.28.165 1680 (NV-ASN CE...)
12 199.203.32.11 1680 (NV-ASN CE...)
2 199.203.32.123 1680 (NV-ASN CE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 212.179.26.77 8551 (BEZEQ-INT...)
2 5 199.203.28.172 1680 (NV-ASN CE...)
1 52.16.205.165 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
38 11
Domain | Requested by
12 cache.bankleumi.co.il | naaflooring.com, hb2.bankleumi.co.il
5 sdc.bankleumi.co.il (2 redirects) | hb2.bankleumi.co.il, naaflooring.com
5 hb2.bankleumi.co.il | naaflooring.com
3 naaflooring.com (1 redirects) | naaflooring.com
2 www.google-analytics.com | www.googletagmanager.com, cache.bankleumi.co.il
2 accessibilitys.bankleumi.co.il | naaflooring.com, accessibilitys.bankleumi.co.il
1 stats.g.doubleclick.net | cache.bankleumi.co.il
1 10stat.com | naaflooring.com
1 content.leumi.co.il | hb2.bankleumi.co.il
1 www.googletagmanager.com | naaflooring.com
1 deti-na-planete.ru (1 redirects) |
38 11

This site contains links to these domains.

Domain
www.leumi.co.il
Subject | Issuer | Validity | Valid
naaflooring.com | Let's Encrypt Authority X3 | 2019-06-18 - 2019-09-16 | 3 months
hb2.bankleumi.co.il | DigiCert SHA2 Extended Validation Server CA | 2018-05-09 - 2019-08-08 | a year
cache.bankleumi.co.il | Thawte RSA CA 2018 | 2018-07-25 - 2020-09-22 | 2 years
accessibilitys.bankleumi.co.il | Thawte RSA CA 2018 | 2018-09-04 - 2020-09-03 | 2 years
*.google-analytics.com | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months
content.leumi.co.il | Thawte RSA CA 2018 | 2018-05-28 - 2020-07-26 | 2 years
sdc.bankleumi.co.il | Thawte RSA CA 2018 | 2018-08-15 - 2020-11-11 | 2 years
10stat.com | Entrust Certification Authority - L1K | 2017-08-21 - 2019-08-21 | 2 years
*.g.doubleclick.net | Google Internet Authority G3 | 2019-06-11 - 2019-09-03 | 3 months

This page contains 3 frames:

Primary Page: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Frame ID: 1B1483107E7AE9DBE63CF5A6DE0D882F
Requests: 36 HTTP requests in this frame

Frame: https://accessibilitys.bankleumi.co.il/CommFrame/Activation?ver=2.1.5.0
Frame ID: 96E296DA081F7053CB359E074395774B
Requests: 1 HTTP requests in this frame

Frame: https://content.leumi.co.il/LoginPromotion/37570/?referer=bankleumi
Frame ID: 73C2A251DECA69719897016C03319357
Requests: 1 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

Requests: 38
HTTPS: 79 %
IPv6: 27 %
Domains: 8
Subdomains: 11
IPs: 11
Countries: 6
Transfer: 370 kB
Size: 597 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://deti-na-planete.ru/sites/default/files/ctools/inc/ HTTP 302
    https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/https://hb2.bankleumi.co.il/InternalSite/Images/CustomUpdate/Leumi/bsrmu.gif HTTP 301
  • https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/https:/hb2.bankleumi.co.il/InternalSite/Images/CustomUpdate/Leumi/bsrmu.gif
Request Chain 30
  • https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?&dcsdat=1561888359660&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C%D7%97%D7%A9%D7%91%D7%95%D7%A0%D7%9A%20-%20LIBI_U5%20-%203&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.3.0&WT.dl=0&WT.ssl=1&WT.es=naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.vt_f_a=2&WT.vt_f=2 HTTP 303
  • https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?dcsredirect=1&dcsdat=1561888359660&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C%D7%97%D7%A9%D7%91%D7%95%D7%A0%D7%9A%20-%20LIBI_U5%20-%203&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.3.0&WT.dl=0&WT.ssl=1&WT.es=naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.vt_f_a=2&WT.vt_f=2
Request Chain 31
  • https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?&dcsdat=1561888360165&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C%D7%97%D7%A9%D7%91%D7%95%D7%A0%D7%9A%20-%20LIBI_U5%20-%203&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.3.0&WT.dl=0&WT.ssl=1&WT.es=naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.vt_f_a=2&WT.vt_f=2&WT.service_av=login&WT.channel=pc&WT.action=login&WT.service=login&WT.si_p=login%20screen%20loaded&WT.status=succes&WT.message=none&WT.reg_status=unknown HTTP 303
  • https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?dcsredirect=1&dcsdat=1561888360165&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C%D7%97%D7%A9%D7%91%D7%95%D7%A0%D7%9A%20-%20LIBI_U5%20-%203&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.3.0&WT.dl=0&WT.ssl=1&WT.es=naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.vt_f_a=2&WT.vt_f=2&WT.service_av=login&WT.channel=pc&WT.action=login&WT.service=login&WT.si_p=login%20screen%20loaded&WT.status=succes&WT.message=none&WT.reg_status=unknown

38 HTTP transactions

Resource Path | Size | x-fer | Type MIME-Type
Primary Request /
naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Redirect Chain
  • http://deti-na-planete.ru/sites/default/files/ctools/inc/
  • https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
26 KB
8 KB
Document
General
Full URL
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.138.203 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.emixweb.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
72528201851acb36be12e56b4815cb065a153f6365928dda0806af3cea0c1794

Request headers

:method
GET
:authority
naaflooring.com
:scheme
https
:path
/wp-content/plugins/LayerSlider/static/public/inc/leumi/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Sun, 30 Jun 2019 09:52:29 GMT
server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
cache-control
max-age=600
expires
Sun, 30 Jun 2019 10:02:29 GMT
vary
Accept-Encoding,User-Agent
content-encoding
gzip
content-length
8163
content-type
text/html; charset=UTF-8

Redirect headers

Date
Sun, 30 Jun 2019 09:52:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
20
Connection
keep-alive
Server
Jino.ru/mod_pizza
Location
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Vary
Accept-Encoding
Content-Encoding
gzip
general_functions.js
hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/
20 KB
6 KB
Script
General
Full URL
https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/general_functions.js
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.28.165 , Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/7.5, Bank NOYFB Server 1.01 / ASP.NET, ASP.NET
Resource Hash
26ede7f84f70004e44fa205aa02404cebb86c09563bfe8910c7238e19f906403
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Nov 2015 12:35:08 GMT
Server
Microsoft-IIS/7.5, Bank NOYFB Server 1.01
X-Powered-By
ASP.NET, ASP.NET
ETag
"0664de24628d11:0"
Vary
Accept-Encoding,*
Content-Type
application/x-javascript
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
5074
loginResStyle.css
cache.bankleumi.co.il/nLogin/css/Leumi/
22 KB
23 KB
Stylesheet
General
Full URL
https://cache.bankleumi.co.il/nLogin/css/Leumi/loginResStyle.css
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
3c89eff23d70598243da0d37abe80834fcf8ad2118486aef63185cc6962ce0d3

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
ETag
"035a72e4247d31:0"
Last-Modified
Tue, 17 Oct 2017 12:19:30 GMT
Server
Microsoft-IIS/8.5
Age
3543
X-Powered-By
ASP.NET
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
22817
Typograph.css
cache.bankleumi.co.il/nLogin/css/Leumi/
3 KB
4 KB
Stylesheet
General
Full URL
https://cache.bankleumi.co.il/nLogin/css/Leumi/Typograph.css
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
8e6c8c811dc3cf6ea32a7a2e6481534ff453a225620787460845853b975c3f54

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
ETag
"e9dd6ef3a8d8d41:0"
Last-Modified
Tue, 12 Mar 2019 07:55:25 GMT
Server
Microsoft-IIS/8.5
Age
1407
X-Powered-By
ASP.NET
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3502
head
accessibilitys.bankleumi.co.il/loader/
23 KB
24 KB
Script
General
Full URL
https://accessibilitys.bankleumi.co.il/loader/head
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.123 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-123.bb.netvision.net.il
Software
User1st-Server /
Resource Hash
1e4a0ef4a045cea12db0ef0e8651fe1e4493dfef748ad25e0bf351fbaae0f3ac
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
Last-Modified
Sun, 30 Jun 2019 09:52:32 GMT
Server
User1st-Server
X-AspNet-Version
4.0.30319
Strict-Transport-Security
max-age=16070400; includeSubDomains
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/x-javascript; charset=utf-8
Access-Control-Allow-Origin
http://satelliteqa.user1st.info
Cache-Control
public, max-age=86400
Access-Control-Allow-Headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Content-Type
Content-Length
23827
Expires
Mon, 01 Jul 2019 09:52:32 GMT
jquery-1.10.2.min.js
hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/
110 KB
35 KB
Script
General
Full URL
https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/jquery-1.10.2.min.js
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.28.165 , Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/7.5, Bank NOYFB Server 1.01 / ASP.NET, ASP.NET
Resource Hash
a5113f75e3e1ddadebaef59226f84c4d89f11fcef8e628953663a139b1cca3f7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 26 Nov 2015 12:35:08 GMT
Server
Microsoft-IIS/7.5, Bank NOYFB Server 1.01
X-Powered-By
ASP.NET, ASP.NET
ETag
"0664de24628d11:0"
Vary
Accept-Encoding,*
Content-Type
application/x-javascript
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
34953
LogoLeumi.png
cache.bankleumi.co.il/nLogin/images/15Sstyle/
9 KB
10 KB
Image
General
Full URL
https://cache.bankleumi.co.il/nLogin/images/15Sstyle/LogoLeumi.png
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d2c69abc4c8e0890c756f1065f0d9093bd4ee21e65fffaa96b09b6cafc1137ae

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
ETag
"8e6ec3414728d11:0"
Last-Modified
Thu, 26 Nov 2015 12:37:48 GMT
Server
Microsoft-IIS/8.5
Age
2527
X-Powered-By
ASP.NET
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
9708
help.png
cache.bankleumi.co.il/nLogin/images/15Sstyle/
1 KB
2 KB
Image
General
Full URL
https://cache.bankleumi.co.il/nLogin/images/15Sstyle/help.png
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
198cdf3907bb618bea848112d142eee20ed1d794895311cb28a3dc2c0ceb151d

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
ETag
"8e5c49414728d11:0"
Last-Modified
Thu, 26 Nov 2015 12:37:47 GMT
Server
Microsoft-IIS/8.5
Age
2527
X-Powered-By
ASP.NET
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1385
icon_mobile.png
cache.bankleumi.co.il/nLogin/images/15Sstyle/
2 KB
2 KB
Image
General
Full URL
https://cache.bankleumi.co.il/nLogin/images/15Sstyle/icon_mobile.png
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
acbac7c6928dcc03d0186dddf1fe83ffceb86efec178d63d2f571cf011e1139b

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:33 GMT
ETag
"ae3b9a414728d11:0"
Last-Modified
Thu, 26 Nov 2015 12:37:47 GMT
Server
Microsoft-IIS/8.5
Age
2528
X-Powered-By
ASP.NET
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1830
VeriSign.png
cache.bankleumi.co.il/nLogin/images/
4 KB
4 KB
Image
General
Full URL
https://cache.bankleumi.co.il/nLogin/images/VeriSign.png
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
711c41cd1ebfce2c755ef6acd504d9bfaebd4988923d5b469722a5bb28e9bbfb

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:33 GMT
ETag
"5616a873030d11:0"
Last-Modified
Sun, 06 Dec 2015 14:15:15 GMT
Server
Microsoft-IIS/8.5
Age
2489
X-Powered-By
ASP.NET
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3916
js.js
hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/Leumi/
31 KB
8 KB
Script
General
Full URL
https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/Leumi/js.js
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.28.165 , Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/7.5, Bank NOYFB Server 1.01 / ASP.NET, ASP.NET
Resource Hash
565220008db9698f939577d60437b636e4faafc12cc9c0ff7c633e382ba87eed
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Jul 2018 06:30:42 GMT
Server
Microsoft-IIS/7.5, Bank NOYFB Server 1.01
X-Powered-By
ASP.NET, ASP.NET
ETag
"0d5f384ce1cd41:0"
Vary
Accept-Encoding,*
Content-Type
application/x-javascript
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
7005
webtrends.js
hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/
16 KB
5 KB
Script
General
Full URL
https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/webtrends.js
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.28.165 , Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/7.5, Bank NOYFB Server 1.01 / ASP.NET, ASP.NET
Resource Hash
3529c7306454cdc0a51be1d025a3af9f1b046c0594ca8d92f2494d43e2855d51
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Apr 2013 08:28:32 GMT
Server
Microsoft-IIS/7.5, Bank NOYFB Server 1.01
X-Powered-By
ASP.NET, ASP.NET
ETag
"0b8b336b339ce1:0"
Vary
Accept-Encoding,*
Content-Type
application/x-javascript
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
4817
internal.js
hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/
9 KB
3 KB
Script
General
Full URL
https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/internal.js
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.28.165 , Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/7.5, Bank NOYFB Server 1.01 / ASP.NET, ASP.NET
Resource Hash
eec4c1af8f55a9f9af53dbf60ff5afc54808a98430a0457c8e8b27052dfd67e8
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 07 Aug 2016 07:09:47 GMT
Server
Microsoft-IIS/7.5, Bank NOYFB Server 1.01
X-Powered-By
ASP.NET, ASP.NET
ETag
"806f37ae7af0d11:0"
Vary
Accept-Encoding,*
Content-Type
application/x-javascript
Strict-Transport-Security
max-age=16070400; includeSubDomains
Accept-Ranges
bytes
Content-Length
2647
gtm.js
www.googletagmanager.com/
85 KB
23 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5P8MD4L
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
839af5ca1d5b5aa4981770258f00f37670c6689fc812f6cdd78d3a615db6aa8b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 30 Jun 2019 09:52:33 GMT
content-encoding
br
last-modified
Sun, 30 Jun 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
23842
x-xss-protection
0
expires
Sun, 30 Jun 2019 09:52:33 GMT
Activation
accessibilitys.bankleumi.co.il/CommFrame/ Frame 96E2
0
0
Document
General
Full URL
https://accessibilitys.bankleumi.co.il/CommFrame/Activation?ver=2.1.5.0
Requested by
Host: accessibilitys.bankleumi.co.il
URL: https://accessibilitys.bankleumi.co.il/loader/head
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.123 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-123.bb.netvision.net.il
Software
User1st-Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

Host
accessibilitys.bankleumi.co.il
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
public, max-age=86400
Content-Type
text/html; charset=utf-8
Expires
Mon, 01 Jul 2019 09:52:33 GMT
Last-Modified
Sun, 30 Jun 2019 09:52:33 GMT
Server
User1st-Server
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
X-AspNet-Version
4.0.30319
Access-Control-Allow-Origin
http://satelliteqa.user1st.info
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Headers
X-Requested-With, Accept, Access-Control-Allow-Origin, Content-Type
Date
Sun, 30 Jun 2019 09:52:33 GMT
Content-Length
290
Strict-Transport-Security
max-age=16070400; includeSubDomains
bsrmu.gif
naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/https:/hb2.bankleumi.co.il/InternalSite/Images/CustomUpdate/Leumi/
Redirect Chain
  • https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/https://hb2.bankleumi.co.il/InternalSite/Images/CustomUpdate/Leumi/bsrmu.gif
  • https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/https:/hb2.bankleumi.co.il/InternalSite/Images/CustomUpdate/Leumi/bsrmu.gif
40 KB
40 KB
Image
General
Full URL
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/https:/hb2.bankleumi.co.il/InternalSite/Images/CustomUpdate/Leumi/bsrmu.gif
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.59.138.203 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US),
Reverse DNS
host.emixweb.com
Software
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4 /
Resource Hash
63223be8b39de6bc7ba221d696b14742824d76e217db2afb7b4856b0ee17cd10

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 30 Jun 2019 09:52:34 GMT
content-encoding
gzip
server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
status
404
cache-control
no-cache, must-revalidate, max-age=0
link
<https://naaflooring.com/wp-json/>; rel="https://api.w.org/"
content-length
8899
expires
Wed, 11 Jan 1984 05:00:00 GMT

Redirect headers

date
Sun, 30 Jun 2019 09:52:33 GMT
server
Apache/2.4.39 (cPanel) OpenSSL/1.0.2r mod_bwlimited/1.4
location
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/https:/hb2.bankleumi.co.il/InternalSite/Images/CustomUpdate/Leumi/bsrmu.gif
vary
User-Agent
content-type
text/html; charset=UTF-8
status
301
cache-control
no-cache, must-revalidate, max-age=0
content-length
0
expires
Wed, 11 Jan 1984 05:00:00 GMT
detector-beacon.min.js
cache.bankleumi.co.il/eBanking/Themes/GeneralTopTabMenu/ScriptEBANK/
68 KB
68 KB
Script
General
Full URL
https://cache.bankleumi.co.il/eBanking/Themes/GeneralTopTabMenu/ScriptEBANK/detector-beacon.min.js
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4869f83e076f8c57d96a544dea9ec04e96ef41a346a1a3e17a1cb93e9db0c4c4

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:35 GMT
ETag
"0599f37d64d51:0"
Last-Modified
Tue, 07 May 2019 13:10:18 GMT
Server
Microsoft-IIS/8.5
Age
3557
X-Powered-By
ASP.NET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
69148
123img-desktop.jpg
cache.bankleumi.co.il/nLogin/images/15Sstyle/
79 KB
80 KB
Image
General
Full URL
https://cache.bankleumi.co.il/nLogin/images/15Sstyle/123img-desktop.jpg
Requested by
Host: hb2.bankleumi.co.il
URL: https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
711b592dc6ec82ecefd1b0a9573fb216d03d663fb4f91de48d464d4ff8cb5dec

Request headers

Referer
https://cache.bankleumi.co.il/nLogin/css/Leumi/loginResStyle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:35 GMT
ETag
"6e733b444728d11:0"
Last-Modified
Thu, 26 Nov 2015 12:37:52 GMT
Server
Microsoft-IIS/8.5
Age
2455
X-Powered-By
ASP.NET
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
81388
phone_desktop.png
cache.bankleumi.co.il/nLogin/images/15Sstyle/
1 KB
1 KB
Image
General
Full URL
https://cache.bankleumi.co.il/nLogin/images/15Sstyle/phone_desktop.png
Requested by
Host: hb2.bankleumi.co.il
URL: https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d3a3683045c55411a8fccfae6eaa4e1ea63199032533351401159ee9a003b31a

Request headers

Referer
https://cache.bankleumi.co.il/nLogin/css/Leumi/loginResStyle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:35 GMT
ETag
"6e494e424728d11:0"
Last-Modified
Thu, 26 Nov 2015 12:37:49 GMT
Server
Microsoft-IIS/8.5
Age
2435
X-Powered-By
ASP.NET
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1156
gray-bg3.png
cache.bankleumi.co.il/nLogin/images/15Sstyle/
4 KB
4 KB
Image
General
Full URL
https://cache.bankleumi.co.il/nLogin/images/15Sstyle/gray-bg3.png
Requested by
Host: hb2.bankleumi.co.il
URL: https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/jquery-1.10.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
d09e7b054ca9183c56a689c2e33f1567e4a34565c7e6ae82760c4b05f53c1f9c

Request headers

Referer
https://cache.bankleumi.co.il/nLogin/css/Leumi/loginResStyle.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:35 GMT
ETag
"ea31e414728d11:0"
Last-Modified
Thu, 26 Nov 2015 12:37:47 GMT
Server
Microsoft-IIS/8.5
Age
2295
X-Powered-By
ASP.NET
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3846
tipografregularwebfont.woff
cache.bankleumi.co.il/nLogin/Fonts/Leumi/
0
0

tipografboldwebfont.woff
cache.bankleumi.co.il/nLogin/Fonts/Leumi/
0
0

Cookie set /
content.leumi.co.il/LoginPromotion/37570/ Frame 73C2
0
0
Document
General
Full URL
https://content.leumi.co.il/LoginPromotion/37570/?referer=bankleumi
Requested by
Host: hb2.bankleumi.co.il
URL: https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/general_functions.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.179.26.77 Tel Aviv, Israel, ASN8551 (BEZEQ-INTERNATIONAL-AS Bezeqint Internet Backbone, IL),
Reverse DNS
bzq-179-26-77.cust.bezeqint.net
Software
Microsoft-IIS/8.5 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' apps.blms.co.il www.leumitech.com hb2.bankleumi.co.il hb3.bankleumi.co.il trade.bankleumi.co.il mortgage.blms.co.il hb.unionbank.co.il ;
Strict-Transport-Security max-age=16070400; includeSubDomain

Request headers

Host
content.leumi.co.il
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
no-cache
Content-Type
text/html;charset=UTF-8
Server
Microsoft-IIS/8.5
Strict-Transport-Security
max-age=16070400; includeSubDomain
Content-Security-Policy
frame-ancestors 'self' apps.blms.co.il www.leumitech.com hb2.bankleumi.co.il hb3.bankleumi.co.il trade.bankleumi.co.il mortgage.blms.co.il hb.unionbank.co.il ;
Set-Cookie
JSESSIONID=11A077630CD0F1727516C5B2FC60A83B; Path=/; Secure; HttpOnly VignettePortal-NavTreeState-ContentLeumi=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/ contentleumi=rd2900o00000000000000000000ffffac1d0059o443; path=/; Httponly; Secure
Date
Sun, 30 Jun 2019 09:52:36 GMT
Content-Length
2974
fbtypographeng-regularwebfont.woff
cache.bankleumi.co.il/nLogin/Fonts/Leumi/
0
0

fbtypographeng-boldwebfont.woff
cache.bankleumi.co.il/nLogin/Fonts/Leumi/
0
0

tipografregularwebfont.ttf
cache.bankleumi.co.il/nLogin/Fonts/Leumi/
0
0

tipografboldwebfont.ttf
cache.bankleumi.co.il/nLogin/Fonts/Leumi/
0
0

fbtypographeng-regularwebfont.ttf
cache.bankleumi.co.il/nLogin/Fonts/Leumi/
0
0

fbtypographeng-boldwebfont.ttf
cache.bankleumi.co.il/nLogin/Fonts/Leumi/
0
0

wtid.js
sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/
64 B
415 B
Script
General
Full URL
https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/wtid.js
Requested by
Host: hb2.bankleumi.co.il
URL: https://hb2.bankleumi.co.il/InternalSite/scripts/CustomUpdate/webtrends.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.28.172 , Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
c2a2696d1a2a166fbe9054dd82c59b6225cf5bb885237a1953818fdfd2c0b9f5

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sun, 30 Jun 2019 09:52:37 GMT
X-wtid
sent
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Cache-Control
no-cache
Connection
close
Content-Length
64
Expires
-1
/
10stat.com/
43 B
250 B
Image
General
Full URL
https://10stat.com/?le=1&u=https%3A//naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/&r=
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
52.16.205.165 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-16-205-165.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Ubuntu) /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 30 Jun 2019 09:56:53 GMT
Server
Apache/2.4.25 (Ubuntu)
Connection
close
Accept-Ranges
bytes
Content-Length
43
Content-Type
image/jpeg
dcs.gif
sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/
Redirect Chain
  • https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?&dcsdat=1561888359660&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.u...
  • https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?dcsredirect=1&dcsdat=1561888359660&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&...
43 B
555 B
Image
General
Full URL
https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?dcsredirect=1&dcsdat=1561888359660&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C%D7%97%D7%A9%D7%91%D7%95%D7%A0%D7%9A%20-%20LIBI_U5%20-%203&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.3.0&WT.dl=0&WT.ssl=1&WT.es=naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.vt_f_a=2&WT.vt_f=2
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.28.172 , Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:40 GMT
ETag
"093b4d76c65cb1:0"
Last-Modified
Wed, 06 Oct 2010 15:40:46 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Sun, 30 Jun 2019 09:52:39 GMT
ETag
"093b4d76c65cb1:0"
Last-Modified
Wed, 06 Oct 2010 15:40:46 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Location
/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?dcsredirect=1&dcsdat=1561888359660&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C%D7%97%D7%A9%D7%91%D7%95%D7%A0%D7%9A%20-%20LIBI_U5%20-%203&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.3.0&WT.dl=0&WT.ssl=1&WT.es=naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.vt_f_a=2&WT.vt_f=2
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
0
dcs.gif
sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/
Redirect Chain
  • https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?&dcsdat=1561888360165&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.u...
  • https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?dcsredirect=1&dcsdat=1561888360165&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&...
43 B
555 B
Image
General
Full URL
https://sdc.bankleumi.co.il/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?dcsredirect=1&dcsdat=1561888360165&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C%D7%97%D7%A9%D7%91%D7%95%D7%A0%D7%9A%20-%20LIBI_U5%20-%203&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.3.0&WT.dl=0&WT.ssl=1&WT.es=naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.vt_f_a=2&WT.vt_f=2&WT.service_av=login&WT.channel=pc&WT.action=login&WT.service=login&WT.si_p=login%20screen%20loaded&WT.status=succes&WT.message=none&WT.reg_status=unknown
Requested by
Host: naaflooring.com
URL: https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.28.172 , Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
9327663db171e3c01e351f3f5562ee5ed8f3d6bde6a7da57d966997f1a4b7a57

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:40 GMT
ETag
"093b4d76c65cb1:0"
Last-Modified
Wed, 06 Oct 2010 15:40:46 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43

Redirect headers

Date
Sun, 30 Jun 2019 09:52:39 GMT
ETag
"093b4d76c65cb1:0"
Last-Modified
Wed, 06 Oct 2010 15:40:46 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
P3P
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Location
/dcsftqx3e00000s1wv4e5ao3q_3l6o/dcs.gif?dcsredirect=1&dcsdat=1561888360165&dcssip=naaflooring.com&dcsuri=/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.tz=2&WT.bh=11&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C%D7%97%D7%A9%D7%91%D7%95%D7%A0%D7%9A%20-%20LIBI_U5%20-%203&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%20enabled&WT.slv=Not%20enabled&WT.tv=9.3.0&WT.dl=0&WT.ssl=1&WT.es=naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/&WT.vt_f_a=2&WT.vt_f=2&WT.service_av=login&WT.channel=pc&WT.action=login&WT.service=login&WT.si_p=login%20screen%20loaded&WT.status=succes&WT.message=none&WT.reg_status=unknown
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
0
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5P8MD4L
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
1504
date
Sun, 30 Jun 2019 09:27:37 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17707
expires
Sun, 30 Jun 2019 11:27:37 GMT
collect
www.google-analytics.com/j/
2 B
125 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j77&aip=1&a=488011786&t=pageview&_s=1&dl=https%3A%2F%2Fnaaflooring.com%2Fwp-content%2Fplugins%2FLayerSlider%2Fstatic%2Fpublic%2Finc%2Fleumi%2F&dp=%D7%93%D7%A3%20%D7%9C%D7%95%D7%92%D7%99%D7%9F&ul=en-us&de=UTF-8&dt=%D7%91%D7%A0%D7%A7%20%D7%9C%D7%90%D7%95%D7%9E%D7%99%20-%20%D7%9B%D7%A0%D7%99%D7%A1%D7%94%20%D7%9C%D7%97%D7%A9%D7%91%D7%95%D7%A0%D7%9A%20-%20LIBI_U5%20-%203&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAMABAAAAAC~&jid=1615679648&gjid=790357412&cid=896025153.1561888363&tid=UA-22095564-16&_gid=760547545.1561888363&_r=1&gtm=2wg6k25P8MD4L&cg1=%D7%93%D7%A3%20%D7%9C%D7%95%D7%92%D7%99%D7%9F&cg2=workflow&cd5=login&cd6=Web&cd8=https%3A%2F%2Fnaaflooring.com%2Fwp-content%2Fplugins%2FLayerSlider%2Fstatic%2Fpublic%2Finc%2Fleumi%2F&cd10=&cd26=%D7%93%D7%A3%20%D7%9C%D7%95%D7%92%D7%99%D7%9F&cd27=workflow&cd29=&cd30=&cd31=--&cd32=not%20available&cd34=not%20available&cd35=not%20available&cd36=not%20available&cd47=NA&cd68=not%20available&cd69=not%20available&z=1409483925
Requested by
Host: cache.bankleumi.co.il
URL: https://cache.bankleumi.co.il/eBanking/Themes/GeneralTopTabMenu/ScriptEBANK/detector-beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Origin
https://naaflooring.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Jun 2019 09:52:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://naaflooring.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
148 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j77&tid=UA-22095564-16&cid=896025153.1561888363&jid=1615679648&gjid=790357412&_gid=760547545.1561888363&_u=YEBAAMAAAAAAAC~&z=1987875953
Requested by
Host: cache.bankleumi.co.il
URL: https://cache.bankleumi.co.il/eBanking/Themes/GeneralTopTabMenu/ScriptEBANK/detector-beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
Origin
https://naaflooring.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 30 Jun 2019 09:52:43 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://naaflooring.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cls_empty.gif
cache.bankleumi.co.il/eBanking/Themes/GeneralTopTabMenu/Images/
43 B
365 B
Image
General
Full URL
https://cache.bankleumi.co.il/eBanking/Themes/GeneralTopTabMenu/Images/cls_empty.gif?v=2&p=db213195-fadf-431e-84a7-7a4838b143c6&e=jxis039b~2~-~Nu_-9rr0ys*s_1600x1200*sc_1600x1200~vn.2_15HXoNenINec15DXldee15kgLSDXm9eg15nXodeUINec15fXqdeR15XXoNeaIC0gTElCSV9VNSAtIDM%3D~~jxis066z~20~-~EdV9wYWdlKnRfMTI4MDIqcl8xMTYxKmRfMTk5KmZfMTE5NSp3XzEyMDA%3D~vn.2_15HXoNenINec15DXldee15kgLSDXm9eg15nXodeUINec15fXqdeR15XXoNeaIC0gTElCSV9VNSAtIDM%3D~~jxis069x~22~2%23uid~Nu_aHR0cHM6Ly93d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20vai9jb2xsZWN0P3Y9MSZfdj1qNzcmYWlwPTEmYT00ODgwMTE3ODYmdD1wYWdldmlldyZfcz0xJmRsPWh0dHBzJTNBJTJGJTJGbmFhZmxvb3JpbmcuY29tJTJGd3AtY29udGVudCUyRnBsdWdpbnMlMkZMYXllclNsaWRlciUyRnN0YXRpYyUyRnB1YmxpYyUyRmluYyUyRmxldW1pJTJGJmRwPSVENyU5MyVENyVBMyUyMCVENyU5QyVENyU5NSVENyU5MiVENyU5OSVENyU5RiZ1bD1lbi11cyZkZT1VVEYtOCZkdD0lRDclOTElRDclQTAlRDclQTclMjAlRDclOUMlRDclOTAlRDclOTUlRDclOUUlRDclOTklMjAtJTIwJUQ3JTlCJUQ3JUEwJUQ3JTk5JUQ3JUExJUQ3JTk0JTIwJUQ3JTlDJUQ3JTk3JUQ3JUE5JUQ3JTkxJUQ3JTk1JUQ3JUEwJUQ3JTlBJTIwLSUyMExJQklfVTUlMjAtJTIwMyZzZD0yNC1iaXQmc3I9MTYwMHgxMjAwJnZwPTE2MDB4MTIwMCZqZT0wJl91PVlFQkFBTUFCQUFBQUFDfiZqaWQ9MTYxNTY3OTY0OCZnamlkPTc5MDM1NzQxMiZjaWQ9ODk2MDI1MTUzLjE1NjE4ODgzNjMmdGlkPVVBLTIyMDk1NTY0LTE2Jl9naWQ9NzYwNTQ3NTQ1LjE1NjE4ODgzNjMmX3I9MSZndG09MndnNmsyNVA4TUQ0TCZjZzE9JUQ3JTkzJUQ3JUEzJTIwJUQ3JTlDJUQ3JTk1JUQ3JTkyJUQ3JTk5JUQ3JTlGJmNnMj13b3JrZmxvdyZjZDU9bG9naW4mY2Q2PVdlYiZjZDg9aHR0cHMlM0ElMkYlMkZuYWFmbG9vcmluZy5jb20lMkZ3cC1jb250ZW50JTJGcGx1Z2lucyUyRkxheWVyU2xpZGVyJTJGc3RhdGljJTJGcHVibGljJTJGaW5jJTJGbGV1bWklMkYmY2QxMD0mY2QyNj0lRDclOTMlRDclQTMlMjAlRDclOUMlRDclOTUlRDclOTIlRDclOTklRDclOUYmY2QyNz13b3JrZmxvdyZjZDI5PSZjZDMwPSZjZDMxPS0tJmNkMzI9bm90JTIwYXZhaWxhYmxlJmNkMzQ9bm90JTIwYXZhaWxhYmxlJmNkMzU9bm90JTIwYXZhaWxhYmxlJmNkMzY9bm90JTIwYXZhaWxhYmxlJmNkNDc9TkEmY2Q2OD1ub3QlMjBhdmFpbGFibGUmY2Q2OT1ub3QlMjBhdmFpbGFibGUmej0xNDA5NDgzOTI1*uh_-szu6gh*d_31*s_5k~-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ed2993bc7b57397029b285cff5c42d15fc7078e0667b7b4949404eddc3a71944

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:44 GMT
ETag
"0d2b34d64d51:0"
Last-Modified
Tue, 07 May 2019 13:10:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
cls_empty.gif
cache.bankleumi.co.il/eBanking/Themes/GeneralTopTabMenu/Images/
43 B
365 B
Image
General
Full URL
https://cache.bankleumi.co.il/eBanking/Themes/GeneralTopTabMenu/Images/cls_empty.gif?v=2&p=db213195-fadf-431e-84a7-7a4838b143c6&e=jxis06i2~22~2%23uid~Nu_aHR0cHM6Ly9zdGF0cy5nLmRvdWJsZWNsaWNrLm5ldC9qL2NvbGxlY3Q%2FdD1kYyZhaXA9MSZfcj0zJnY9MSZfdj1qNzcmdGlkPVVBLTIyMDk1NTY0LTE2JmNpZD04OTYwMjUxNTMuMTU2MTg4ODM2MyZqaWQ9MTYxNTY3OTY0OCZnamlkPTc5MDM1NzQxMiZfZ2lkPTc2MDU0NzU0NS4xNTYxODg4MzYzJl91PVlFQkFBTUFBQUFBQUFDfiZ6PTE5ODc4NzU5NTM%3D*uh_-mvdax1*d_87*s_5k~-
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.203.32.11 Rehovot, Israel, ASN1680 (NV-ASN CELLCOM ltd., IL),
Reverse DNS
odap-199-203-32-11.bb.netvision.net.il
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
ed2993bc7b57397029b285cff5c42d15fc7078e0667b7b4949404eddc3a71944

Request headers

Referer
https://naaflooring.com/wp-content/plugins/LayerSlider/static/public/inc/leumi/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 30 Jun 2019 09:52:44 GMT
ETag
"0d2b34d64d51:0"
Last-Modified
Tue, 07 May 2019 13:10:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
image/gif
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cache.bankleumi.co.il
URL
https://cache.bankleumi.co.il/nLogin/Fonts/Leumi/tipografregularwebfont.woff
Domain
cache.bankleumi.co.il
URL
https://cache.bankleumi.co.il/nLogin/Fonts/Leumi/tipografboldwebfont.woff
Domain
cache.bankleumi.co.il
URL
https://cache.bankleumi.co.il/nLogin/Fonts/Leumi/fbtypographeng-regularwebfont.woff
Domain
cache.bankleumi.co.il
URL
https://cache.bankleumi.co.il/nLogin/Fonts/Leumi/fbtypographeng-boldwebfont.woff
Domain
cache.bankleumi.co.il
URL
https://cache.bankleumi.co.il/nLogin/Fonts/Leumi/tipografregularwebfont.ttf
Domain
cache.bankleumi.co.il
URL
https://cache.bankleumi.co.il/nLogin/Fonts/Leumi/tipografboldwebfont.ttf
Domain
cache.bankleumi.co.il
URL
https://cache.bankleumi.co.il/nLogin/Fonts/Leumi/fbtypographeng-regularwebfont.ttf
Domain
cache.bankleumi.co.il
URL
https://cache.bankleumi.co.il/nLogin/Fonts/Leumi/fbtypographeng-boldwebfont.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Leumi (Banking)

130 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| openHelp_5 function| openWindow3 function| opWnVht function| launchApplet function| ReferToUnSecured function| goToApp function| initPage function| errorBloonsPlaceFix function| setVignetteUrl function| fn_iframe function| ClearFields function| checkEnter function| validate_field_heb function| valideNumericInput function| isHebrew function| hasHebrew function| hebDisplayMessage function| displayMessage function| notAllowHebrewChars function| checkFormFromHebrewChars boolean| boolBeenHere function| newPassSuitability function| isNumeric function| checkRsaField function| submit_form function| removeElementFromDom function| doPost function| tabClicked function| SendHref function| submit_onkey function| showStrength function| BackPage function| SendHref2 function| openWindow4 function| popUpV7_External function| openHelp_h function| popUp5 function| popUpScroll function| placeholderFix function| preventFocus function| reloadInput function| restorePlaceholder function| hasPlaceholderSupport function| addEvent function| getTargetObjEvent function| getLeft function| getTop function| getPosition function| isNetscape function| isIE function| isOpera object| dataLayer object| allowedParams string| gtmURL function| getGtmUrl function| GTMPushData function| GetgtmCookieGA function| GTMPushElementData object| User1st object| u1st_activation object| u1st_browserInfo boolean| u1st_runningHandlers object| u1st_domHandler object| u1st_domHandlerMO object| u1st_inlineFunctions function| _loadFE function| _loadBE boolean| u1st_messageReceived string| rmusop boolean| bLauNCTx function| aq4r function| vortiz function| rmuerr object| google_tag_manager object| u1st_pathDependentPatterns undefined| $ function| jQuery function| $Jq function| isMobileDevice string| hebErr string| reqErr string| smartReqErr string| numErr function| initFormValidation string| appWT number| PageMode string| capitalMarketUrl 
string| joinSmartSid object| timeout object| unexeptedError string| titleText number| OOBtimeOut string| tryAgain string| OobOtherDomain object| _config function| requiredValidation function| hebrewValidation function| isNotNumber function| numberValidation function| samePasswordValidation function| keypressClick function| OobWt string| channel function| getChannel function| getMobileDevice object| PanelManager boolean| loading object| formUtl object| elm object| focusElm function| WebTrends function| dcsMultiTrack function| dcsDebug object| _tag string| bsrmu3 string| bsrmu4 string| bsrmu5 string| bsrmu6 object| _detector string| gTempWtId function| inititsafterload string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

2 Cookies

Domain/Path Name / Value
.naaflooring.com/ Name: _cls_v
Value: 9825bdb4-7d58-4957-a824-85b182ac309b
.naaflooring.com/ Name: _cls_s
Value: e6bbab6d-fb48-40ca-bc06-525dc78302d4

1 Console Messages

Source Level URL
Text
console-api log URL: https://accessibilitys.bankleumi.co.il/loader/head(Line 1)
Message:
[User1st] Head - evaluate message issue.TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
