login.banknapoalln.cc Open in urlscan Pro
216.83.33.73 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.banknapoalln.cc/
Submission: On August 14 via automatic, source certstream-suspicious (August 14th 2023, 12:56:23 am UTC) — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 21 HTTP transactions. The main IP is 216.83.33.73, located in United States and belongs to BCPL-SG BGPNET Global ASN, SG. The main domain is login.banknapoalln.cc.
TLS certificate: Issued by R3 on August 13th 2023. Valid for: 3 months.

This is the only time login.banknapoalln.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank Hapoalim (Banking)

Domain & IP information

	IP Address	AS Autonomous System
20	216.83.33.73 216.83.33.73	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
1	45.60.207.1 45.60.207.1	19551 (INCAPSULA) (INCAPSULA)
21	2

20 216.83.33.73 (United States)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

login.banknapoalln.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.60.207.1 (United States)

ASN19551 (INCAPSULA, US)

login.bankhapoalim.co.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	banknapoalln.cc login.banknapoalln.cc	336 KB
1	bankhapoalim.co.il login.bankhapoalim.co.il — Cisco Umbrella Rank: 441292	2 KB
21	2

	Domain	Requested by
20	login.banknapoalln.cc	login.banknapoalln.cc
1	login.bankhapoalim.co.il	login.banknapoalln.cc
21	2

This site contains no links.

Subject Issuer	Validity	Valid
login.bankhap0alln.cc R3	`2023-08-13` - `2023-11-11`	3 months	crt.sh
login.bankhapoalim.co.il DigiCert SHA2 Extended Validation Server CA	`2022-11-15` - `2023-12-03`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://login.banknapoalln.cc/
Frame ID: C7C2705C089D7282B43949E32A91F308
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

בנק הפועלים - כניסה לחשבונך

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

338 kB
Transfer

628 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
login.banknapoalln.cc/ 67 KB
15 KB 1241ms
591ms Document
text/html 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.banknapoalln.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

ac3923c9a863799d523fdab8bc20c7ee2e1bc0d012eb9693b26824eea8b84531

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Mon, 14 Aug 2023 00:32:30 GMT
etag: W/"64c7a87c-10af4"
last-modified: Mon, 31 Jul 2023 12:26:36 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 styles.004a7928836ed054.css
login.banknapoalln.cc/index_files/ 316 KB
74 KB 599ms
598ms Stylesheet
text/css 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

2ede51fe68e8a2726e60309e9af28ce18d40ca7efb19de40641d5d66584d0f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:31 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Mon, 31 Jul 2023 07:28:58 GMT
server: nginx
etag: W/"64c762ba-4ee5c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Mon, 14 Aug 2023 12:32:31 GMT

GET
H2 200 poalim-bold.afaa78f0219b396c.woff2
login.banknapoalln.cc/index_files/ 44 KB
44 KB 1698ms
1697ms Font
font/woff2 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.banknapoalln.cc/index_files/poalim-bold.afaa78f0219b396c.woff2

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

19ccb677bfdda6fd06d103b274f6ff209a4833cdee04e66ec186963abbed181e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://login.banknapoalln.cc/
Origin: https://login.banknapoalln.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 07:07:34 GMT
server: nginx
etag: "64c75db6-ae98"
content-type: font/woff2
accept-ranges: bytes
content-length: 44696

GET
H2 200 poalim-light.94c40d09d3a944c7.woff2
login.banknapoalln.cc/index_files/ 44 KB
44 KB 1698ms
1697ms Font
font/woff2 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.banknapoalln.cc/index_files/poalim-light.94c40d09d3a944c7.woff2

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

1acaabb6c8ee4f0d8f99c74fea90c7672195649d3c56447063a34d5299c64f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://login.banknapoalln.cc/
Origin: https://login.banknapoalln.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 07:07:34 GMT
server: nginx
etag: "64c75db6-ae58"
content-type: font/woff2
accept-ranges: bytes
content-length: 44632

GET
H2 200 poalim-regular.46327a7442c79f9e.woff2
login.banknapoalln.cc/index_files/ 43 KB
44 KB 1698ms
1697ms Font
font/woff2 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.banknapoalln.cc/index_files/poalim-regular.46327a7442c79f9e.woff2

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

13a1b4a7b14c76d24ca6610a2eef91832e6bd23ec4751a20bccf9caedeaa2f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://login.banknapoalln.cc/
Origin: https://login.banknapoalln.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 07:07:34 GMT
server: nginx
etag: "64c75db6-adc0"
content-type: font/woff2
accept-ranges: bytes
content-length: 44480

GET
H2 200 poalimsans-medium-webfont_new.67327ee7a94acf21.woff2
login.banknapoalln.cc/index_files/ 0
141 B 1698ms
1697ms Font
font/woff2 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.banknapoalln.cc/index_files/poalimsans-medium-webfont_new.67327ee7a94acf21.woff2

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://login.banknapoalln.cc/
Origin: https://login.banknapoalln.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:31 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 07:07:34 GMT
server: nginx
etag: "64c75db6-0"
content-type: font/woff2
accept-ranges: bytes
content-length: 0

GET
H2 200 logo.3346d6f0406804d7.svg
login.banknapoalln.cc/index_files/ 2 KB
2 KB 2365ms
2364ms Image
image/svg+xml 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/logo.3346d6f0406804d7.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

0f39ee3bac769c1c7bcaa3013b8ae8cea45517c22aea30e572be79ac17070faf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 06:59:34 GMT
server: nginx
etag: "64c75bd6-937"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 2359

GET
H2 200 support.d40c81f48cce7d01.svg
login.banknapoalln.cc/index_files/ 1 KB
1 KB 2365ms
2363ms Image
image/svg+xml 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/support.d40c81f48cce7d01.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

acbfcf66d3385bb4d17486072edebfbbd3d247fb072344f28b02fe339301f368

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 06:59:32 GMT
server: nginx
etag: "64c75bd4-468"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 1128

GET
H2 200 secure-account.c3be546968f82799.svg
login.banknapoalln.cc/index_files/ 902 B
1 KB 2366ms
2364ms Image
image/svg+xml 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/secure-account.c3be546968f82799.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

004f2e4754fa91fc5e68cc42b43bec798e6f634a49024138eaf0821a9823a912

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 06:59:32 GMT
server: nginx
etag: "64c75bd4-386"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 902

GET
H2 200 mistake.c8466751ff2fa3cd.svg
login.banknapoalln.cc/index_files/ 399 B
557 B 2367ms
2365ms Image
image/svg+xml 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/mistake.c8466751ff2fa3cd.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

aba3c743dec5725402d16cb868f9de3d2aaa326a155f919d6c574d49d0925cc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 06:59:34 GMT
server: nginx
etag: "64c75bd6-18f"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 399

GET
H2 200 terms.87258e67eddd0616.svg
login.banknapoalln.cc/index_files/ 494 B
651 B 2367ms
2366ms Image
image/svg+xml 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/terms.87258e67eddd0616.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

34e1900f057ed5328e75081733ee773284dd1f7b0185ed6bca60460e14a26ad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 06:59:34 GMT
server: nginx
etag: "64c75bd6-1ee"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 494

GET
H2 200 roles.a19c94d938dbd87b.svg
login.banknapoalln.cc/index_files/ 315 B
472 B 2368ms
2367ms Image
image/svg+xml 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/roles.a19c94d938dbd87b.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

a1613d6529962f6aa4fffa96c826204b9e5d8d010f1330301b9347c5fdf21c00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 06:59:32 GMT
server: nginx
etag: "64c75bd4-13b"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 315

GET
H2 200 login-bg.c481e68402934b4a.jpg
login.banknapoalln.cc/index_files/ 101 KB
102 KB 2369ms
2368ms Image
image/jpeg 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/login-bg.c481e68402934b4a.jpg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

04b7557edbc28f452036aeb10c49a78b8ab769cfcdbb2c3fff2c01005bc0c72d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 07:01:24 GMT
server: nginx
etag: "64c75c44-1951f"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 103711
expires: Wed, 13 Sep 2023 00:32:33 GMT

GET
H2 200 login-info.6d29c1576d501131.svg
login.bankhapoalim.co.il/ng-portals/auth/he/ 668 B
2 KB 372ms
230ms Image
image/svg+xml 45.60.207.1
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.bankhapoalim.co.il/ng-portals/auth/he/login-info.6d29c1576d501131.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.207.1 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f97a8355f3c25f081be45a01270fe845891a688194249759ff4181f3eade2980

Security Headers

Name	Value
Content-Security-Policy	report-uri /ng-portals/report-violation; block-all-mixed-content; default-src 'self' data: .bankhapoalim.co.il .poalimbeonline.co.il misc.poalim-site.co.il www.bcodes.co.il youtu.be www.youtube.com digital.isracard.co.il; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: www.bcodes.co.il; style-src 'self' 'unsafe-inline'; media-src 'self' blob:
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:56:11 GMT
content-security-policy: report-uri /ng-portals/report-violation; block-all-mixed-content; default-src 'self' data: *.bankhapoalim.co.il *.poalimbeonline.co.il misc.poalim-site.co.il www.bcodes.co.il youtu.be www.youtube.com digital.isracard.co.il; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: www.bcodes.co.il; style-src 'self' 'unsafe-inline'; media-src 'self' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=16070400; includeSubDomains
via: HTTP/1.1 login.bankhapoalim.co.il:443
content-encoding: gzip
x-dns-prefetch-control: off
x-iinfo: 13-86420397-86419270 2NYN RT(1691974570849 32) q(0 0 0 1) r(2 2)
server-timing: dtSInfo;desc="0", dtRpid;desc="-53775603"
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 May 2023 09:22:37 GMT
etag: W/"29c-1882904bf48"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=0
feature-policy: autoplay 'self';accelerometer 'self';camera 'self';fullscreen 'self';geolocation 'self';gyroscope 'self'
permissions-policy: fullscreen=(self), autoplay=(self), accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self)
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 eye-3.7ef89a9bc1f70eba.svg
login.banknapoalln.cc/index_files/ 575 B
733 B 2368ms
2367ms Image
image/svg+xml 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/eye-3.7ef89a9bc1f70eba.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

c394c633dfae55a91df2da2c3a4e0d9bb9638fd3298ba2fae95d2980809a0683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 06:59:34 GMT
server: nginx
etag: "64c75bd6-23f"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 575

GET
H2 200 cookies.7e2764121ad06e19.svg
login.banknapoalln.cc/index_files/ 7 KB
7 KB 2368ms
2367ms Image
image/svg+xml 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/cookies.7e2764121ad06e19.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

0b9018f0d2a3302b501d3458369e20fde74a607bbb167792b9ae8a248d736ee7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:34 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 06:59:34 GMT
server: nginx
etag: "64c75bd6-1b37"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 6967

GET
H2 200 arrow-left-red_1.784aa4b0d9b61eb4.svg
login.banknapoalln.cc/index_files/ 584 B
742 B 2371ms
2369ms Image
image/svg+xml 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://login.banknapoalln.cc/index_files/arrow-left-red_1.784aa4b0d9b61eb4.svg

Requested by

Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),

Reverse DNS

Software

nginx /

Resource Hash

554dd3598b4f533e1bb5b4a23fa1026643965fb2a39f85e7aa9dd2403553c11a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:34 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 31 Jul 2023 06:59:34 GMT
server: nginx
etag: "64c75bd6-248"
content-type: image/svg+xml
accept-ranges: bytes
content-length: 584

GET
H2 404 poalim-mobile-regular.556770fab42322eb.ttf
login.banknapoalln.cc/index_files/ 0
0 2368ms
2368ms Font
text/html 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.banknapoalln.cc/index_files/poalim-mobile-regular.556770fab42322eb.ttf
Requested by: Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
Origin: https://login.banknapoalln.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:34 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 poalim-mobile-light.ec4ed52c53df7bf0.ttf
login.banknapoalln.cc/index_files/ 0
0 2369ms
2369ms Font
text/html 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.banknapoalln.cc/index_files/poalim-mobile-light.ec4ed52c53df7bf0.ttf
Requested by: Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
Origin: https://login.banknapoalln.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:34 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 poalimsans-medium-webfont_new.e5a8cf2b0ba21640.woff
login.banknapoalln.cc/index_files/ 0
0 2352ms
2351ms Font
text/html 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.banknapoalln.cc/index_files/poalimsans-medium-webfont_new.e5a8cf2b0ba21640.woff
Requested by: Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
Origin: https://login.banknapoalln.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:36 GMT
server: nginx
content-length: 548
content-type: text/html

GET
H2 404 poalimsans-medium-webfont_new.b833c5a8994deed1.ttf
login.banknapoalln.cc/index_files/ 0
0 2100ms
2098ms Font
text/html 216.83.33.73
BCPL-SG BGPNET Gl...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.banknapoalln.cc/index_files/poalimsans-medium-webfont_new.b833c5a8994deed1.ttf
Requested by: Host: login.banknapoalln.cc
URL: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 216.83.33.73 , United States, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://login.banknapoalln.cc/index_files/styles.004a7928836ed054.css
Origin: https://login.banknapoalln.cc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 14 Aug 2023 00:32:38 GMT
server: nginx
content-length: 548
content-type: text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank Hapoalim (Banking)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| bnhpApp

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bankhapoalim.co.il/	1969-12-31 23:59:59	Name: nlbi_2405249 Value: h95ccYl/EHXAkrhHOJo9GwAAAAAURVZlkMHNcBGATt6g/8cL
.bankhapoalim.co.il/	1970-01-20 22:45:02	Name: visid_incap_2405249 Value: 946Z6JWSSceXl/WeWWKyvqp72WQAAAAAQUIPAAAAAAA+Oyl/1lCkBQmoGxLMc+lV
.bankhapoalim.co.il/	1969-12-31 23:59:59	Name: incap_ses_9197_2405249 Value: 4qikEIct0EKOF8tgAlCif6t72WQAAAAA4lToBKIGUeg8+3zwDBGVRA==

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://login.banknapoalln.cc/ Message: Failed to decode downloaded font: https://login.banknapoalln.cc/index_files/poalimsans-medium-webfont_new.67327ee7a94acf21.woff2
other	warning	URL: https://login.banknapoalln.cc/(Line 110) Message: Failed to decode downloaded font: https://login.banknapoalln.cc/index_files/poalimsans-medium-webfont_new.67327ee7a94acf21.woff2
network	error	URL: https://login.banknapoalln.cc/index_files/poalim-mobile-regular.556770fab42322eb.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://login.banknapoalln.cc/index_files/poalim-mobile-light.ec4ed52c53df7bf0.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://login.banknapoalln.cc/index_files/poalimsans-medium-webfont_new.e5a8cf2b0ba21640.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://login.banknapoalln.cc/index_files/poalimsans-medium-webfont_new.b833c5a8994deed1.ttf Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

login.bankhapoalim.co.il
login.banknapoalln.cc
216.83.33.73
45.60.207.1
004f2e4754fa91fc5e68cc42b43bec798e6f634a49024138eaf0821a9823a912
04b7557edbc28f452036aeb10c49a78b8ab769cfcdbb2c3fff2c01005bc0c72d
0b9018f0d2a3302b501d3458369e20fde74a607bbb167792b9ae8a248d736ee7
0f39ee3bac769c1c7bcaa3013b8ae8cea45517c22aea30e572be79ac17070faf
13a1b4a7b14c76d24ca6610a2eef91832e6bd23ec4751a20bccf9caedeaa2f3f
19ccb677bfdda6fd06d103b274f6ff209a4833cdee04e66ec186963abbed181e
1acaabb6c8ee4f0d8f99c74fea90c7672195649d3c56447063a34d5299c64f7c
2ede51fe68e8a2726e60309e9af28ce18d40ca7efb19de40641d5d66584d0f31
34e1900f057ed5328e75081733ee773284dd1f7b0185ed6bca60460e14a26ad3
554dd3598b4f533e1bb5b4a23fa1026643965fb2a39f85e7aa9dd2403553c11a
a1613d6529962f6aa4fffa96c826204b9e5d8d010f1330301b9347c5fdf21c00
aba3c743dec5725402d16cb868f9de3d2aaa326a155f919d6c574d49d0925cc8
ac3923c9a863799d523fdab8bc20c7ee2e1bc0d012eb9693b26824eea8b84531
acbfcf66d3385bb4d17486072edebfbbd3d247fb072344f28b02fe339301f368
c394c633dfae55a91df2da2c3a4e0d9bb9638fd3298ba2fae95d2980809a0683
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f97a8355f3c25f081be45a01270fe845891a688194249759ff4181f3eade2980

login.banknapoalln.cc Open in urlscan Pro 216.83.33.73 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

21 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

338 kBTransfer

628 kBSize

3 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

3 Cookies

6 Console Messages

Security Headers

Indicators

login.banknapoalln.cc Open in urlscan Pro
216.83.33.73 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

338 kB
Transfer

628 kB
Size

3
Cookies

21 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!