cr.lnet.org.il Open in urlscan Pro
82.80.206.57 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=7...
Submission: On March 03 via automatic, source openphish (March 3rd 2021, 1:05:33 am UTC)

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 6 countries across 11 domains to perform 58 HTTP transactions. The main IP is 82.80.206.57, located in Kfar Saba, Israel and belongs to . The main domain is cr.lnet.org.il.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 10th 2020. Valid for: a year.

This is the only time cr.lnet.org.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	82.80.206.57 82.80.206.57	() ()
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1	15.237.76.117 15.237.76.117	16509 (AMAZON-02) (AMAZON-02)
7	18.195.42.228 18.195.42.228	16509 (AMAZON-02) (AMAZON-02)
20	205.255.100.241 205.255.100.241	() ()
2	178.249.97.23 178.249.97.23	11054 (LIVEPERSON) (LIVEPERSON)
6	104.17.208.240 104.17.208.240	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	178.249.97.98 178.249.97.98	11054 (LIVEPERSON) (LIVEPERSON)
1	2a00:1450:400... 2a00:1450:400c:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	208.89.12.87 208.89.12.87	11054 (LIVEPERSON) (LIVEPERSON)
58	13

10 82.80.206.57 (Kfar Saba, Israel)

ASN- ()
PTR: bzq-82-80-206-57.red.bezeqint.net

cr.lnet.org.il	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.237.76.117 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

smetrics.regions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 205.255.100.241 (United States)

ASN- ()

onlinebanking.regions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.249.97.23 (United Kingdom)

ASN11054 (LIVEPERSON, US)

lptag.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)

siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
znebdjzidehxpwsol-regions.siteintercept.qualtrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.249.97.98 (United Kingdom)

ASN11054 (LIVEPERSON, US)
PTR: lo-lpcdn.lpsnmedia.net

lpcdn.lpsnmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.89.12.87 (United States)

ASN11054 (LIVEPERSON, US)
PTR: va.v.liveperson.net

va.v.liveperson.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	regions.com smetrics.regions.com onlinebanking.regions.com	483 KB
10	lnet.org.il cr.lnet.org.il	9 KB
7	ensighten.com nexus.ensighten.com	66 KB
6	qualtrics.com siteintercept.qualtrics.com znebdjzidehxpwsol-regions.siteintercept.qualtrics.com	70 KB
4	lpsnmedia.net lpcdn.lpsnmedia.net	62 KB
3	liveperson.net lptag.liveperson.net va.v.liveperson.net	107 KB
3	google-analytics.com www.google-analytics.com	38 KB
1	google.de www.google.de	107 B
1	google.com www.google.com	109 B
1	doubleclick.net stats.g.doubleclick.net	87 B
1	googletagmanager.com www.googletagmanager.com	39 KB
58	11

	Domain	Requested by
20	onlinebanking.regions.com	cr.lnet.org.il onlinebanking.regions.com
10	cr.lnet.org.il	cr.lnet.org.il lptag.liveperson.net
7	nexus.ensighten.com	cr.lnet.org.il nexus.ensighten.com
4	lpcdn.lpsnmedia.net	cr.lnet.org.il lptag.liveperson.net
4	siteintercept.qualtrics.com	cr.lnet.org.il
3	www.google-analytics.com	cr.lnet.org.il www.google-analytics.com www.googletagmanager.com
2	znebdjzidehxpwsol-regions.siteintercept.qualtrics.com	cr.lnet.org.il nexus.ensighten.com
2	lptag.liveperson.net	cr.lnet.org.il
1	va.v.liveperson.net	lptag.liveperson.net
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	smetrics.regions.com	cr.lnet.org.il
1	www.googletagmanager.com	cr.lnet.org.il
58	14

This site contains no links.

Subject Issuer	Validity	Valid
*.lnet.org.il Go Daddy Secure Certificate Authority - G2	`2020-09-10` - `2021-09-10`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
smetrics.regions.com DigiCert SHA2 High Assurance Server CA	`2020-04-06` - `2021-07-08`	a year	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-10-11`	a year	crt.sh
onlinebanking.regions.com Sectigo RSA Extended Validation Secure Server CA	`2020-04-22` - `2021-04-22`	a year	crt.sh
*.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-05-30` - `2022-05-30`	2 years	crt.sh
*.qualtrics.com DigiCert SHA2 Secure Server CA	`2020-10-26` - `2021-11-26`	a year	crt.sh
*.lpsnmedia.net Sectigo RSA Organization Validation Secure Server CA	`2021-02-21` - `2022-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.v.liveperson.net Sectigo RSA Organization Validation Secure Server CA	`2020-04-13` - `2022-04-13`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Frame ID: E4929E96FC6F1F69FB104938B590A278
Requests: 56 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fonlinebanking.regions.com&site=60208595&env=prod
Frame ID: 217D366707839913EFEAC524842B8F4E
Requests: 1 HTTP requests in this frame

Frame: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fcr.lnet.org.il&site=60208595&env=prod
Frame ID: D6F9FEBC62AE3F2F5CFDCA89C224426D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

LivePerson (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /^https?:\/\/lptag\.liveperson\.net\/tag\/tag\.js/i

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

script /\/\/nexus\.ensighten\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

58
Requests

100 %
HTTPS

38 %
IPv6

11
Domains

14
Subdomains

13
IPs

6
Countries

874 kB
Transfer

2334 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Identity.php Show response
cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/ 22 KB
9 KB 370ms
77ms Document
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / PHP/5.3.28 ASP.NET
Resource Hash: ec22cbf61409ab4dc7c0442f82fc2fe552cc3d825f70b0ed9d4132fa01dc186a

Request headers

Host: cr.lnet.org.il
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/html
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.3.28 ASP.NET
Date: Wed, 03 Mar 2021 01:05:01 GMT
Content-Length: 8937

GET
H/1.1 404
Not Found example.css
cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/ 0
0 77ms
73ms Stylesheet
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/example.css
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:01 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 16ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3746
date: Wed, 03 Mar 2021 00:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 03 Mar 2021 02:02:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 25ms
21ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108294743-4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bad340375602283b1eec94069839c17ce9e5177ce60c816ba45d8423c0c2bc86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39452
x-xss-protection: 0
last-modified: Wed, 03 Mar 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Mar 2021 01:05:02 GMT

GET
H2 200 s91524900803709 Show response
smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.17.0/ 4 KB
4 KB 221ms
124ms Script
application/x-javascript 15.237.76.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetrics.regions.com/b/ss/regionsbankprod/10/JS-2.17.0/s91524900803709?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=25%2F0%2F2021%205%3A14%3A39%201%20360&cid.&regions_crossdevice.&id=2101947577000&as=1&.regions_crossdevice&.cid&d.&nsid=0&jsonv=1&.d&mid=39477775800738463424029032981839615537&aamlh=7&ce=UTF-8&ns=regions&cdp=2&pageName=olb%7Cauthentication%7Clocked&g=https%3A%2F%2Fonlinebanking.regions.com%2Fauthentication%2Flocked&r=https%3A%2F%2Flogin.regions.com%2F&cc=USD&ch=authentication&server=onlinebanking.regions.com&events=event1&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=olb&h1=D%3Dv1&c2=D%3Dv2&v2=locked&h2=D%3Dch&c3=D%3DpageName&v3=D%3DpageName&h3=locked&c4=D%3Dg&v4=D%3Dg&c5=D%3Dv5&v5=us&c6=D%3Dv6&v6=en&c7=D%3Dv7&v7=desktop%20layout%7C1366x624&c8=D%3Dv8&v8=olb%7Cworkflow%7Clockedout&c9=D%3Dv9&v9=100%7C100&v10=https%3A%2F%2Fonlinebanking.regions.com%2Fauthentication%2Flocked&v11=2101947577000&v12=D%3Dmid&v15=Repeat&v16=Less%20than%201%20day&v17=5%3A14%20AM%7CMonday&v18=enrolled&c19=D%3DpageName&c23=D%3Dv10&v68=1.3.9%7CJS-2.17.0%7CVI-4.4.0%7C20200127&c75=D%3Dv68&s=1366x768&c=24&j=1.6&v=N&k=Y&bw=1366&bh=624&mcorgid=DB9639725BD2FC5B0A495C65%40AdobeOrg&AQE=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.237.76.117 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-237-76-117.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

28d60a11088d49951c4e3654bd31849cc5b15095e5809909402deae8288f7027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-aam-tid: LoNlof/gRSo=
date: Wed, 03 Mar 2021 01:05:02 GMT
x-content-type-options: nosniff
x-c: main-1422.I3bac54.M0-478
p3p: CP="This is not a P3P policy"
vary: *
content-length: 3667
x-xss-protection: 1; mode=block
dcs: dcs-prod-va6-v077-0fc10dcc7.edge-va6.demdex.com 5.80.6.20210202104731 10ms (+0ms)
pragma: no-cache
last-modified: Thu, 04 Mar 2021 01:05:02 GMT
server: jag
xserver: anedge-5955cb7dcf-rgd2d
etag: 3467613793078444032-4621857968581475561
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 02 Mar 2021 01:05:02 GMT

GET
H2 200 e8af7c92967c2ae81a2f07a3b26377db.js Show response
nexus.ensighten.com/regions/regions-olb/code/ 2 KB
1 KB 110ms
63ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/regions/regions-olb/code/e8af7c92967c2ae81a2f07a3b26377db.js?conditionId0=4879482
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ca8905df65b1e9c1af40f45d7ac75f9de56da775613d11cb8446b5dc4416f927

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: gzip
last-modified: Tue, 30 Jun 2020 05:20:04 GMT
server: nginx
etag: W/"5efacb84-7bc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 aaed6ca3a40617bbda790c79347c4690.js Show response
nexus.ensighten.com/regions/regions-olb/code/ 24 B
247 B 110ms
63ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/regions/regions-olb/code/aaed6ca3a40617bbda790c79347c4690.js?conditionId0=423026
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1eeac0c64e470dee27f5a247a04d72fdc46f8b5e6809fdd865c01dc56a2853a8

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
last-modified: Thu, 05 Apr 2012 12:15:43 GMT
server: nginx
etag: "4f7d8cef-18"
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 24
expires: Wed, 03 Mar 2021 01:05:01 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/regions/regions-olb/ 392 B
534 B 117ms
64ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/regions/regions-olb/serverComponent.php?r=928.5866409881727&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-olb/code/&publishedOn=Thu%20Oct%2001%2006:12:39%20GMT%202020&ClientID=1202&PageID=https%3A%2F%2Fonlinebanking.regions.com%2Fauthentication%2Flocked
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13593dd719391b48f010caa53b734cbd914002cebc942a20fc86be2c371e1361

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 392
expires: Wed, 03 Mar 2021 01:05:01 GMT

GET
H/1.1 200
OK combined.css.2f9fc3cbf27677fb33e871104adef761e91719dedc88a26629a28b2b1b5496a6.css
onlinebanking.regions.com/Themes/Desktop/Shared/Core/ 25 KB
7 KB 488ms
200ms Stylesheet
text/css 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.2f9fc3cbf27677fb33e871104adef761e91719dedc88a26629a28b2b1b5496a6.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2f9fc3cbf27677fb33e871104adef761e91719dedc88a26629a28b2b1b5496a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:32:18 GMT
Server: Microsoft-IIS/10.0
ETag: "ef6b1e77930d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 6338
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css
onlinebanking.regions.com/Themes/Desktop/Shared/Core/ 147 KB
39 KB 404ms
115ms Stylesheet
text/css 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:32:18 GMT
Server: Microsoft-IIS/10.0
ETag: "ef6b1e77930d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 39443
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combined.css.4b9afaf41a028a1ac51511a17f0fa10947c9de458ced40f68ff529d0040525d3.css
onlinebanking.regions.com/Themes/Desktop/Shared/shared/ 35 KB
9 KB 404ms
115ms Stylesheet
text/css 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/shared/combined.css.4b9afaf41a028a1ac51511a17f0fa10947c9de458ced40f68ff529d0040525d3.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4b9afaf41a028a1ac51511a17f0fa10947c9de458ced40f68ff529d0040525d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:32:38 GMT
Server: Microsoft-IIS/10.0
ETag: "ef1d7b82930d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 8890
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combined.css.ce5cba4bd4e352e9fd48b32b094cf65d6f8c71488f8193c4b140c6906516a5cd.css
onlinebanking.regions.com/Themes/Desktop/Shared/fiserv.ps.mfa/ 2 KB
1 KB 402ms
114ms Stylesheet
text/css 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/fiserv.ps.mfa/combined.css.ce5cba4bd4e352e9fd48b32b094cf65d6f8c71488f8193c4b140c6906516a5cd.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

ce5cba4bd4e352e9fd48b32b094cf65d6f8c71488f8193c4b140c6906516a5cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:32:26 GMT
Server: Microsoft-IIS/10.0
ETag: "a7fd5f7b930d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 564
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combined.css.b5a8f930ca4d73b71acfdaacc9f24e39919f8c6bcfaa37103d437141188dddab.css
onlinebanking.regions.com/Themes/Desktop/Shared/fiserv.ps.core/ 626 B
971 B 403ms
114ms Stylesheet
text/css 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/fiserv.ps.core/combined.css.b5a8f930ca4d73b71acfdaacc9f24e39919f8c6bcfaa37103d437141188dddab.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b5a8f930ca4d73b71acfdaacc9f24e39919f8c6bcfaa37103d437141188dddab

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:32:23 GMT
Server: Microsoft-IIS/10.0
ETag: "6636f379930d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 425
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found es5-shim.js
cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/ 0
0 158ms
80ms Script
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/es5-shim.js
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:01 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 404
Not Found console.js
cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/ 0
0 206ms
67ms Script
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/console.js
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:01 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 404
Not Found jquery.text-overflow.js
cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/ 0
0 221ms
70ms Script
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/jquery.text-overflow.js
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:01 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H2 200 tag.js Show response
lptag.liveperson.net/tag/ 21 KB
8 KB 83ms
22ms Script
application/javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/tag/tag.js?site=60208595
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: gzip
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
server: ws
etag: "5f50a905-1d8f"
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
content-length: 7567

GET
H2 200 .jsonp Show response
lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/ 270 KB
98 KB 105ms
44ms Script
application/x-javascript 178.249.97.23
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=prodAkeepalive&b=1
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.23 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS
Software: ws /
Resource Hash: 88b63d1a0418f571685c5cf362e1f6b8b9faf6040ff560f8e032c606fdd5a74b

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: gzip
server: ws
x-cache-status: EXPIRED
access-control-allow-methods: GET, POST, PATCH
content-type: application/x-javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: public, max-age=630
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

GET
H2 200 14.aa475dacc894c318cd56.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
879 B 99ms
56ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/14.aa475dacc894c318cd56.chunk.js?Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

89230133af23c2148803e020496c78ddae3816caa47274e69eb7cbe99529cc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 358141
cf-polished: origSize=2639
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
cf-request-id: 089736ffde00000b431037b000000001
last-modified: Wed, 13 Jan 2021 20:20:13 GMT
server: cloudflare
x-powered-by: Express
etag: W/"a4f-176fd67e448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 629ef4463ca30b43-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 1.74fb3456d63880032fbf.chunk.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 26 KB
6 KB 75ms
32ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/1.74fb3456d63880032fbf.chunk.js?Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

b0f57b5646b63504e01c6607c09ec8144ad95144fe79e0323614b07fccfb2b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 358141
cf-polished: origSize=27274
edge-control: max-age=604800
x-envoy-upstream-service-time: 5
vary: Accept-Encoding
cf-request-id: 089736ffdf00000b432d24f000000001
last-modified: Wed, 13 Jan 2021 20:20:13 GMT
server: cloudflare
x-powered-by: Express
etag: W/"6a8a-176fd67e448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 629ef4463ca40b43-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H/1.1 200
OK combined.js.53b72221f4702619b4bfbcd6442ed3b16d8e639db9f521cb708f5137684fc45f.js Show response
onlinebanking.regions.com/scripts/desktop/core/ 733 KB
273 KB 431ms
144ms Script
text/javascript 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/scripts/desktop/core/combined.js.53b72221f4702619b4bfbcd6442ed3b16d8e639db9f521cb708f5137684fc45f.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

53b72221f4702619b4bfbcd6442ed3b16d8e639db9f521cb708f5137684fc45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:31:08 GMT
Server: Microsoft-IIS/10.0
ETag: "e469dd4c930d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: no-cache
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combined.js.cd095bf9cc1d59b78016de8680fe673ae6909fa6622e454ec8ced95f1b19be52.js Show response
onlinebanking.regions.com/scripts/desktop/shared/ 35 KB
12 KB 519ms
116ms Script
text/javascript 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/scripts/desktop/shared/combined.js.cd095bf9cc1d59b78016de8680fe673ae6909fa6622e454ec8ced95f1b19be52.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

cd095bf9cc1d59b78016de8680fe673ae6909fa6622e454ec8ced95f1b19be52

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:32:17 GMT
Server: Microsoft-IIS/10.0
ETag: "ad16576930d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 11436
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combined.js.3ee301454718471faf71be47f9f3fc325db753ff239623f25bbe26e059842aad.js Show response
onlinebanking.regions.com/scripts/desktop/fiserv.ps.mfa/ 2 KB
1 KB 518ms
115ms Script
text/javascript 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/scripts/desktop/fiserv.ps.mfa/combined.js.3ee301454718471faf71be47f9f3fc325db753ff239623f25bbe26e059842aad.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

3ee301454718471faf71be47f9f3fc325db753ff239623f25bbe26e059842aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:31:29 GMT
Server: Microsoft-IIS/10.0
ETag: "b531b559930d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 952
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK combined.js.2ae0d2e0e1a33da76cbeb565cfbd254d66b20450a9bcc187023f030e67a57e7f.js Show response
onlinebanking.regions.com/scripts/desktop/fiserv.ps.core/ 4 KB
2 KB 594ms
108ms Script
text/javascript 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/scripts/desktop/fiserv.ps.core/combined.js.2ae0d2e0e1a33da76cbeb565cfbd254d66b20450a9bcc187023f030e67a57e7f.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2ae0d2e0e1a33da76cbeb565cfbd254d66b20450a9bcc187023f030e67a57e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:31:17 GMT
Server: Microsoft-IIS/10.0
ETag: "81879052930d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1768
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.glob.en-us.js Show response
onlinebanking.regions.com/scripts/desktop/core/skipautoregistration/ 282 B
819 B 606ms
112ms Script
text/javascript 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/scripts/desktop/core/skipautoregistration/jquery.glob.en-us.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

29db6b777bc43ce1de3fb92c31a98d263b8c5b2ac510bf64a336fb0b667be352

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:23:51 GMT
Server: Microsoft-IIS/10.0
ETag: "dec6b48920d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 267
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fiserv.ps.initculture.en-us.js Show response
onlinebanking.regions.com/scripts/desktop/core/skipautoregistration/ 74 B
741 B 632ms
113ms Script
text/javascript 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/scripts/desktop/core/skipautoregistration/fiserv.ps.initculture.en-us.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

f09f5374367e34f0b7ef5c39837fc1cf528af2e84fc5413dfaabda7d31c17b59

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:23:51 GMT
Server: Microsoft-IIS/10.0
ETag: "9e896948920d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 188
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK regions.liveperson.js Show response
onlinebanking.regions.com/scripts/desktop/core/skipautoregistration/ 3 KB
1 KB 730ms
135ms Script
text/javascript 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/scripts/desktop/core/skipautoregistration/regions.liveperson.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c593fe1e8823027984031535c097ac5579e45191495ff236f5fa4294fb3040e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:23:51 GMT
Server: Microsoft-IIS/10.0
ETag: "604e6e48920d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 948
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK global-overlays.js Show response
onlinebanking.regions.com/custom/Assets/Scripts/ 202 KB
68 KB 735ms
136ms Script
application/javascript 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/custom/Assets/Scripts/global-overlays.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4b70df8131a18cd31f6abe166cae5a6a9d446b8fa4dbc5a6fd67ad5c92fb9413

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cteonnt-Length: 207078
Date: Wed, 03 Mar 2021 01:05:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Sep 2019 13:58:42 GMT
Server: Microsoft-IIS/10.0
ETag: "01597dadf67d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: private
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/regions/regions-olb/ 181 KB
60 KB 83ms
35ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/regions/regions-olb/Bootstrap.js
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f328f754e4215e3af551b2c0feb18c0494d393c5bee91e3c535593fb1607f41d

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 22:10:39 GMT
server: nginx
etag: W/"601c70df-2d5ec"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 / Show response
znebdjzidehxpwsol-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 58 KB
18 KB 81ms
32ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znebdjzidehxpwsol-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_ebdjZIDEhxPwsol&Q_LOC=https%3A%2F%2Fonlinebanking.regions.com%2Fauthentication%2Flocked&t=1611573279772

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

12ccb5e775c03654744c12b22081e6e487210e086a13dd9b4db024747e009a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 518073
cf-polished: origSize=60856
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 089736ffe500001fba6e279000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"edb8-vthghBj62U6651whZEPUxCxZxbY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 629ef4463ea31fba-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 CoreModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 91 KB
27 KB 78ms
39ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/CoreModule.js?Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8efac7087552def0e358b8896dbbe43b7ffe2d961746cdc4aea60f7eed3e1384

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 357736
cf-polished: origSize=94176
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 089736ffdf00000b4343960000000001
last-modified: Wed, 13 Jan 2021 20:20:13 GMT
server: cloudflare
x-powered-by: Express
etag: W/"16fe0-176fd67e448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 629ef4463ca50b43-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 LinkModule.js Show response
siteintercept.qualtrics.com/dxjsmodule/ 2 KB
850 B 74ms
35ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://siteintercept.qualtrics.com/dxjsmodule/LinkModule.js?Q_CLIENTVERSION=1.42.0&Q_CLIENTTYPE=web

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4d4fe612fa43bdcfc05db6234a824a87d806a83ab61a9f8f05dff12c2b253c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 357450
cf-polished: origSize=2587
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 089736ffdf00000b4357a97000000001
last-modified: Wed, 13 Jan 2021 20:20:13 GMT
server: cloudflare
x-powered-by: Express
etag: W/"a1b-176fd67e448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=604800, s-maxage=604800
cf-ray: 629ef4463ca80b43-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ 38 KB
15 KB 103ms
29ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.js?loc=https%3A%2F%2Fonlinebanking.regions.com&site=60208595&force=1&env=prod
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: b866a58e02b01ca9537cb6d024f348f7373c88b94a92d310560885c93de8abd2

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:02 GMT
content-encoding: gzip
last-modified: Tue, 29 Dec 2020 12:59:22 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 03 Mar 2021 01:15:02 GMT

GET
H/1.1 404
Not Found es5-shim.js
cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/ 0
0 71ms
70ms Script
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/es5-shim.js
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 200
OK background-page-tile.png.d4b936383198caa55ce628e6338711b5bb3a2690f4a34e6dd6af92b2417030da.png
onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/backgrounds/ 2 KB
2 KB 129ms
129ms Image
image/png 205.255.100.241

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/backgrounds/background-page-tile.png.d4b936383198caa55ce628e6338711b5bb3a2690f4a34e6dd6af92b2417030da.png

Requested by

Host: onlinebanking.regions.com
URL: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

d4b936383198caa55ce628e6338711b5bb3a2690f4a34e6dd6af92b2417030da

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:23:51 GMT
Server: Microsoft-IIS/10.0
ETag: "1598d948920d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Content-Length: 1581
X-XSS-Protection: 1; mode=block

GET
H/1.1 404
Not Found console.js
cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/ 0
0 71ms
70ms Script
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/console.js
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 404
Not Found jquery.text-overflow.js
cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/ 0
0 71ms
70ms Script
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/Scripts/Desktop/Core/SkipAutoRegistration/polyfills/jquery.text-overflow.js
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 200
OK logo-regions.png.c4b0adf7cba9af971d6bbc907655acf9c3d31c7ab6397103b2c3b45bd7701695.png
onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/logos/ 10 KB
10 KB 113ms
113ms Image
image/png 205.255.100.241

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/logos/logo-regions.png.c4b0adf7cba9af971d6bbc907655acf9c3d31c7ab6397103b2c3b45bd7701695.png

Requested by

Host: onlinebanking.regions.com
URL: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

c4b0adf7cba9af971d6bbc907655acf9c3d31c7ab6397103b2c3b45bd7701695

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:23:52 GMT
Server: Microsoft-IIS/10.0
ETag: "bbe4649920d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Content-Length: 10244
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon-help.png.582b4efa7b14f9cb5f4b1ef0456af19e895c7bb8df47f7bcf52c7b3ca0bc657a.png
onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/ 2 KB
2 KB 113ms
112ms Image
image/png 205.255.100.241

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/icon-help.png.582b4efa7b14f9cb5f4b1ef0456af19e895c7bb8df47f7bcf52c7b3ca0bc657a.png

Requested by

Host: onlinebanking.regions.com
URL: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

582b4efa7b14f9cb5f4b1ef0456af19e895c7bb8df47f7bcf52c7b3ca0bc657a

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:23:52 GMT
Server: Microsoft-IIS/10.0
ETag: "97a2d49920d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Content-Length: 1584
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK opensans.woff.90556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3.woff
onlinebanking.regions.com/Themes/Desktop/Shared/Core/fonts/ 21 KB
22 KB 330ms
112ms Font
font/x-woff 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/fonts/opensans.woff.90556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3.woff

Requested by

Host: onlinebanking.regions.com
URL: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

90556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Origin: https://cr.lnet.org.il
Referer: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:03 GMT
Last-Modified: Thu, 11 Feb 2021 16:23:51 GMT
Server: Microsoft-IIS/10.0
ETag: "e3ed048920d71:0"
Strict-Transport-Security: max-age=157680000
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 21956

GET
H/1.1 200
OK icon-cancel.png.49222cc01deb21d528840126beef17694aabf4285ca6e711f33c88a948dfdc50.png
onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/icons/ 1 KB
2 KB 152ms
152ms Image
image/png 205.255.100.241

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/icons/icon-cancel.png.49222cc01deb21d528840126beef17694aabf4285ca6e711f33c88a948dfdc50.png

Requested by

Host: onlinebanking.regions.com
URL: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

49222cc01deb21d528840126beef17694aabf4285ca6e711f33c88a948dfdc50

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:23:51 GMT
Server: Microsoft-IIS/10.0
ETag: "3eabec48920d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Content-Length: 1228
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon-house.png.b235ea0f0d1ea90154d3d3a384f1b57b1c92957765cc4ca7862fdf13caa9dcee.png
onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/icons/ 373 B
873 B 114ms
113ms Image
image/png 205.255.100.241

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/images/icons/icon-house.png.b235ea0f0d1ea90154d3d3a384f1b57b1c92957765cc4ca7862fdf13caa9dcee.png

Requested by

Host: onlinebanking.regions.com
URL: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

b235ea0f0d1ea90154d3d3a384f1b57b1c92957765cc4ca7862fdf13caa9dcee

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 11 Feb 2021 16:23:51 GMT
Server: Microsoft-IIS/10.0
ETag: "2170f148920d71:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: no-cache
Strict-Transport-Security: max-age=157680000
Accept-Ranges: bytes
Content-Length: 373
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK opensansbold.woff.cd0e6f9fbe497b6a0346fde3934cbcbd7c557a334c27bb34e69c7ed430ed4a45.woff
onlinebanking.regions.com/Themes/Desktop/Shared/Core/fonts/ 22 KB
23 KB 332ms
115ms Font
font/x-woff 205.255.100.241

General

Check archive.org

Show headers Download Go to

Full URL

https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/fonts/opensansbold.woff.cd0e6f9fbe497b6a0346fde3934cbcbd7c557a334c27bb34e69c7ed430ed4a45.woff

Requested by

Host: onlinebanking.regions.com
URL: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

205.255.100.241 , United States, ASN (),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

cd0e6f9fbe497b6a0346fde3934cbcbd7c557a334c27bb34e69c7ed430ed4a45

Security Headers

Name	Value
Strict-Transport-Security	max-age=157680000

Request headers

Origin: https://cr.lnet.org.il
Referer: https://onlinebanking.regions.com/Themes/Desktop/Shared/Core/combined.css.41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Last-Modified: Thu, 11 Feb 2021 16:23:51 GMT
Server: Microsoft-IIS/10.0
ETag: "e3ed048920d71:0"
Strict-Transport-Security: max-age=157680000
Content-Type: font/x-woff
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Length: 22748

GET
H/1.1 404
Not Found /
cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/undefined//accdn.lpsnmedia.net/api/account/60208595/configuration/setting/accountproperties/ 0
0 71ms
71ms Script
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/undefined//accdn.lpsnmedia.net/api/account/60208595/configuration/setting/accountproperties/?cb=lpCb38666x18714
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=prodAkeepalive&b=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H/1.1 404
Not Found zones
cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/undefined//accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/ 0
0 67ms
67ms Script
text/html 82.80.206.57

General

Check archive.org

Show headers Download Go to

Full URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/undefined//accdn.lpsnmedia.net/api/account/60208595/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=prodAkeepalive&b=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 82.80.206.57 Kfar Saba, Israel, ASN (),
Reverse DNS: bzq-82-80-206-57.red.bezeqint.net
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Mar 2021 01:05:02 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 1245
Content-Type: text/html

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ Frame 217D 39 KB
16 KB 31ms
30ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fonlinebanking.regions.com&site=60208595&env=prod
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fonlinebanking.regions.com&site=60208595&env=prod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43

Response headers

date: Wed, 03 Mar 2021 01:05:03 GMT
content-type: text/html
last-modified: Tue, 29 Dec 2020 12:59:22 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Wed, 03 Mar 2021 01:15:03 GMT
cache-control: max-age=600

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/regions/regions-olb/ 280 B
422 B 25ms
25ms Script
text/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/regions/regions-olb/serverComponent.php?r=932251.7031749582&namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/regions/regions-olb/code/&publishedOn=Thu%20Feb%2004%2022:10:38%20GMT%202021&ClientID=1202&PageID=https%3A%2F%2Fcr.lnet.org.il%2Fwp-content%2Fuploads%2F2020%2F12%2Fbutton2%2Fdetalle%2FREG%2F1%2Frun%2FIdentity.php%3Fcmd%3D_account-details%26session%3D72f68be2c7bbdc3f6d4262b7958d7edf%26dispatch%3Dbddd835534dd38d46c821bdbc9a3e5fa3e735b43
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/regions-olb/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 55b4433fdccd95ea87ab5152dfe658014d1ead4e3eea1bc1ef6bebb97ce40611

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:03 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 280
expires: Wed, 03 Mar 2021 01:05:02 GMT

GET
H2 200 4bb5ebf6ea0df905baf9a2c7c36a57b4.js Show response
nexus.ensighten.com/regions/regions-olb/code/ 8 KB
3 KB 23ms
23ms Script
application/javascript 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/regions/regions-olb/code/4bb5ebf6ea0df905baf9a2c7c36a57b4.js?conditionId0=423026
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/regions-olb/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 83e617fe770f724a30bae68a9a557662bc78d8de6f90d19aed4f78d8ff8ac16f

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:03 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 22:10:39 GMT
server: nginx
etag: W/"601c70df-1e34"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 204 e.gif
nexus.ensighten.com/error/ 0
106 B 22ms
22ms Image
text/plain 18.195.42.228
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexus.ensighten.com/error/e.gif?msg=Cannot%20read%20property%20%27resolve%27%20of%20undefined&lnn=-1&fn=&cid=1202&client=regions&publishPath=regions-olb&rid=-1&did=-1&errorName=TypeError
Requested by: Host: cr.lnet.org.il
URL: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:03 GMT
cache-control: no-cache, no-store
server: nginx
expires: Wed, 03 Mar 2021 01:05:02 GMT

GET
H2 200 / Show response
znebdjzidehxpwsol-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/ 58 KB
17 KB 34ms
33ms Script
application/javascript 104.17.208.240
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://znebdjzidehxpwsol-regions.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_ebdjZIDEhxPwsol&Q_LOC=https%3A%2F%2Fcr.lnet.org.il%2Fwp-content%2Fuploads%2F2020%2F12%2Fbutton2%2Fdetalle%2FREG%2F1%2Frun%2FIdentity.php%3Fcmd%3D_account-details%26session%3D72f68be2c7bbdc3f6d4262b7958d7edf%26dispatch%3Dbddd835534dd38d46c821bdbc9a3e5fa3e735b43&t=1614733503658

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/regions/regions-olb/code/4bb5ebf6ea0df905baf9a2c7c36a57b4.js?conditionId0=423026

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

12ccb5e775c03654744c12b22081e6e487210e086a13dd9b4db024747e009a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 518074
cf-polished: origSize=60856
edge-control: max-age=604800
vary: Accept-Encoding
cf-request-id: 08973704b300001fbab4b46000000001
cf-bgj: minify
server: cloudflare
x-powered-by: Express
etag: W/"edb8-vthghBj62U6651whZEPUxCxZxbY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=604800
cf-ray: 629ef44deec11fba-AMS
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
187 B 46ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1973092914&t=pageview&_s=1&dl=https%3A%2F%2Fcr.lnet.org.il%2Fwp-content%2Fuploads%2F2020%2F12%2Fbutton2%2Fdetalle%2FREG%2F1%2Frun%2FIdentity.php%3Fcmd%3D_account-details%26session%3D72f68be2c7bbdc3f6d4262b7958d7edf%26dispatch%3Dbddd835534dd38d46c821bdbc9a3e5fa3e735b43&ul=en-us&de=windows-1255&dt=Verify%20My%20Identity%20-%20Your%20Account%20is%20Locked%20-%20Regions%20Online%20Banking&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAUABEAAAAC~&jid=217867345&gjid=464722629&cid=860701930.1614733504&tid=UA-108294743-4&_gid=1603649071.1614733504&_r=1&gtm=2ou2h0&z=1331900394

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 01:05:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cr.lnet.org.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 32ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108294743-4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 3747
date: Wed, 03 Mar 2021 00:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Wed, 03 Mar 2021 02:02:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
87 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-108294743-4&cid=860701930.1614733504&jid=217867345&gjid=464722629&_gid=1603649071.1614733504&_u=KEBAAUAAEAAAAC~&z=2122509779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Mar 2021 01:05:03 GMT
content-type: text/plain
access-control-allow-origin: https://cr.lnet.org.il
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
109 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-108294743-4&cid=860701930.1614733504&jid=217867345&_u=KEBAAUAAEAAAAC~&z=652510343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 01:05:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-108294743-4&cid=860701930.1614733504&jid=217867345&_u=KEBAAUAAEAAAAC~&z=652510343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Mar 2021 01:05:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 storage.secure.min.html Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ Frame D6F9 39 KB
16 KB 31ms
31ms Document
text/html 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fcr.lnet.org.il&site=60208595&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=prodAkeepalive&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: 59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

Request headers

:method: GET
:authority: lpcdn.lpsnmedia.net
:scheme: https
:path: /le_secure_storage/3.12.0.0-release_5037/storage.secure.min.html?loc=https%3A%2F%2Fcr.lnet.org.il&site=60208595&env=prod
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43

Response headers

date: Wed, 03 Mar 2021 01:05:05 GMT
content-type: text/html
last-modified: Tue, 29 Dec 2020 12:59:22 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
expires: Wed, 03 Mar 2021 01:15:05 GMT
cache-control: max-age=600

GET
H2 200 storage.secure.min.js Show response
lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/ 38 KB
15 KB 31ms
30ms Script
application/javascript 178.249.97.98
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://lpcdn.lpsnmedia.net/le_secure_storage/3.12.0.0-release_5037/storage.secure.min.js?loc=https%3A%2F%2Fcr.lnet.org.il&site=60208595&force=1&env=prod
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=prodAkeepalive&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.249.97.98 , United Kingdom, ASN11054 (LIVEPERSON, US),
Reverse DNS: lo-lpcdn.lpsnmedia.net
Software: ws /
Resource Hash: b866a58e02b01ca9537cb6d024f348f7373c88b94a92d310560885c93de8abd2

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:05 GMT
content-encoding: gzip
last-modified: Tue, 29 Dec 2020 12:59:22 GMT
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: max-age=600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
expires: Wed, 03 Mar 2021 01:15:05 GMT

GET
H2 200 60208595 Show response
va.v.liveperson.net/api/js/ 236 B
1 KB 475ms
181ms Script
application/javascript 208.89.12.87
LIVEPERSON

General

Check archive.org

Show headers Download Go to

Full URL: https://va.v.liveperson.net/api/js/60208595?&cb=lpCb6158x11899&t=sp&ts=1614733503245&pid=9316990075&tid=299011545&pt=Verify%20My%20Identity%20-%20Your%20Account%20is%20Locked%20-%20Regions%20Online%20Banking&u=https%3A%2F%2Fcr.lnet.org.il%2Fwp-content%2Fuploads%2F2020%2F12%2Fbutton2%2Fdetalle%2FREG%2F1%2Frun%2FIdentity.php%3Fcmd%3D_account-details%26session%3D72f68be2c7bbdc3f6d4262b7958d7edf%26dispatch%3Dbddd835534dd38d46c821bdbc9a3e5fa3e735b43&df=0&os=1&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
Requested by: Host: lptag.liveperson.net
URL: https://lptag.liveperson.net/lptag/api/account/60208595/configuration/applications/taglets/.jsonp?v=2.0&df=0&s=prodAkeepalive&b=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.89.12.87 , United States, ASN11054 (LIVEPERSON, US),
Reverse DNS: va.v.liveperson.net
Software: ws /
Resource Hash: 114044d22436e1c5d8d0172fbe1631afa29eba7608b83cd223097ba3d18ef929

Request headers

Referer: https://cr.lnet.org.il/wp-content/uploads/2020/12/button2/detalle/REG/1/run/Identity.php?cmd=_account-details&session=72f68be2c7bbdc3f6d4262b7958d7edf&dispatch=bddd835534dd38d46c821bdbc9a3e5fa3e735b43
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 01:05:05 GMT
content-encoding: gzip
server: ws
access-control-allow-methods: GET, POST, PATCH
content-type: application/javascript
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
cache-control: no-store
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.lnet.org.il/	1969-12-31 23:59:59	Name: LPSID-60208595 Value: sWpk5rksQG-YEkJd62Hf_A
			.lnet.org.il/	1970-01-20 01:17:49	Name: LPVID Value: RjNDIyYzdkNDZjM2ZlOGFh

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://nexus.ensighten.com/regions/regions-olb/code/4bb5ebf6ea0df905baf9a2c7c36a57b4.js?conditionId0=423026(Line 14) Message: No RCIF in the page

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cr.lnet.org.il
lpcdn.lpsnmedia.net
lptag.liveperson.net
nexus.ensighten.com
onlinebanking.regions.com
siteintercept.qualtrics.com
smetrics.regions.com
stats.g.doubleclick.net
va.v.liveperson.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
znebdjzidehxpwsol-regions.siteintercept.qualtrics.com
104.17.208.240
15.237.76.117
178.249.97.23
178.249.97.98
18.195.42.228
205.255.100.241
208.89.12.87
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2003
2a00:1450:400c:c1b::9c
82.80.206.57
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
114044d22436e1c5d8d0172fbe1631afa29eba7608b83cd223097ba3d18ef929
12ccb5e775c03654744c12b22081e6e487210e086a13dd9b4db024747e009a0c
13593dd719391b48f010caa53b734cbd914002cebc942a20fc86be2c371e1361
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7
1eeac0c64e470dee27f5a247a04d72fdc46f8b5e6809fdd865c01dc56a2853a8
28d60a11088d49951c4e3654bd31849cc5b15095e5809909402deae8288f7027
29db6b777bc43ce1de3fb92c31a98d263b8c5b2ac510bf64a336fb0b667be352
2ae0d2e0e1a33da76cbeb565cfbd254d66b20450a9bcc187023f030e67a57e7f
2f9fc3cbf27677fb33e871104adef761e91719dedc88a26629a28b2b1b5496a6
3ee301454718471faf71be47f9f3fc325db753ff239623f25bbe26e059842aad
41afc67bd7a2c04dcda1f6df5a2211004da43ad2fa1679d70e08a2fbd5bc5389
49222cc01deb21d528840126beef17694aabf4285ca6e711f33c88a948dfdc50
4b70df8131a18cd31f6abe166cae5a6a9d446b8fa4dbc5a6fd67ad5c92fb9413
4b9afaf41a028a1ac51511a17f0fa10947c9de458ced40f68ff529d0040525d3
4d4fe612fa43bdcfc05db6234a824a87d806a83ab61a9f8f05dff12c2b253c95
53b72221f4702619b4bfbcd6442ed3b16d8e639db9f521cb708f5137684fc45f
55b4433fdccd95ea87ab5152dfe658014d1ead4e3eea1bc1ef6bebb97ce40611
582b4efa7b14f9cb5f4b1ef0456af19e895c7bb8df47f7bcf52c7b3ca0bc657a
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158
83e617fe770f724a30bae68a9a557662bc78d8de6f90d19aed4f78d8ff8ac16f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88b63d1a0418f571685c5cf362e1f6b8b9faf6040ff560f8e032c606fdd5a74b
89230133af23c2148803e020496c78ddae3816caa47274e69eb7cbe99529cc2f
8efac7087552def0e358b8896dbbe43b7ffe2d961746cdc4aea60f7eed3e1384
90556675373ea9ed1d0e9b5678426d69296b6801c906ca378bb426aa3d6acdc3
b0f57b5646b63504e01c6607c09ec8144ad95144fe79e0323614b07fccfb2b12
b235ea0f0d1ea90154d3d3a384f1b57b1c92957765cc4ca7862fdf13caa9dcee
b5a8f930ca4d73b71acfdaacc9f24e39919f8c6bcfaa37103d437141188dddab
b866a58e02b01ca9537cb6d024f348f7373c88b94a92d310560885c93de8abd2
bad340375602283b1eec94069839c17ce9e5177ce60c816ba45d8423c0c2bc86
c4b0adf7cba9af971d6bbc907655acf9c3d31c7ab6397103b2c3b45bd7701695
c593fe1e8823027984031535c097ac5579e45191495ff236f5fa4294fb3040e9
ca8905df65b1e9c1af40f45d7ac75f9de56da775613d11cb8446b5dc4416f927
cd095bf9cc1d59b78016de8680fe673ae6909fa6622e454ec8ced95f1b19be52
cd0e6f9fbe497b6a0346fde3934cbcbd7c557a334c27bb34e69c7ed430ed4a45
ce5cba4bd4e352e9fd48b32b094cf65d6f8c71488f8193c4b140c6906516a5cd
d4b936383198caa55ce628e6338711b5bb3a2690f4a34e6dd6af92b2417030da
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec22cbf61409ab4dc7c0442f82fc2fe552cc3d825f70b0ed9d4132fa01dc186a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f09f5374367e34f0b7ef5c39837fc1cf528af2e84fc5413dfaabda7d31c17b59
f328f754e4215e3af551b2c0feb18c0494d393c5bee91e3c535593fb1607f41d

cr.lnet.org.il Open in urlscan Pro 82.80.206.57 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

100 %HTTPS

38 %IPv6

11 Domains

14 Subdomains

13 IPs

6 Countries

874 kBTransfer

2334 kBSize

2 Cookies

0 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cr.lnet.org.il Open in urlscan Pro
82.80.206.57 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

38 %
IPv6

11
Domains

14
Subdomains

13
IPs

6
Countries

874 kB
Transfer

2334 kB
Size

2
Cookies

58 HTTP transactions
0 data transactions