Report - nof-hashaked.co.il/

Report Overview

Submitted URL
nof-hashaked.co.il/
IP
185.56.74.12
ASN
#201660 Jetserver Ltd
Submitted
2022-09-06 19:16:08
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
56

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	499 B	12 kB	142.250.74.163
www.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	159 kB	142.250.74.163
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	604 B	717 B	142.251.1.157
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
www.nof-hashaked.co.il	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	33 kB	3.4 MB	185.56.74.12
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	816 B	7.9 kB	142.250.74.10
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	588 B	499 B	31.13.72.36
nof-hashaked.co.il	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	1.4 kB	185.56.74.12
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	1.2 kB	142.250.74.164
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	53 kB	34.120.237.76
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	35.163.147.190
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.3 kB	9.1 kB	142.250.74.3
s.w.org	748	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	396 B	615 B	192.0.77.48
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	367 B	21 kB	142.250.74.174
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	4.0 kB	142.250.74.98
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	789 B	569 B	216.239.34.36
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.8 kB	1.5 kB	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	2.2 kB	93.184.220.29
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	137 kB	142.250.74.72
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	28 kB	31.13.72.12

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-06	medium	nof-hashaked.co.il/	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.0.2	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.6.3	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=25.1.4	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/themes/betheme/assets/animations/animations.min.css?ver=25.1.4	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/themes/betheme/css/responsive.css?ver=25.1.4	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=25.1.4	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/themes/betheme-child/style.css?ver=6.0.2	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/themes/betheme/assets/animations/animations.min.js?ver=25.1.4	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/themes/betheme/js/parallax/translate3d.js?ver=25.1.4	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.7.0	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.7.0	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=6.7.0	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=6.7.0	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.8	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=25.1.4	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/uploads/2021/08/almoni-neue-regular-aaa.woff	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/wp-admin/admin-ajax.php	Phishing
2022-09-06	medium	www.nof-hashaked.co.il/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (56)

	URL	Size	First Seen	Last Seen
	www.nof-hashaked.co.il/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 10:10:59 Times Seen31844 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	www.nof-hashaked.co.il/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1	8.1 kB	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:30:33 Last Seen2024-04-26 03:48:06 Times Seen2797 Hash e3317d55ad904d30ea400a2da2a56686 b998595f2c96f76ba65a808ac4029d66021195b4 ecac4fc801141ce552220be4bb12969e2ee625e2cf08cf0edbac579a279b28f1 Loading...

	www.nof-hashaked.co.il/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9	6.5 kB	2023-03-07	2024-04-25
Pretty URL www.nof-hashaked.co.il/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 21:53:57 Times Seen15501 Hash 61449413a42d2daaa79dbe7298b40e21 d86c474164c603084397bdc50fb0e469d28b5772 f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a Loading...

	www.nof-hashaked.co.il/	167 B	2023-03-07	2023-03-26
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-26 08:10:15 Times Seen2 Hash eb7512b1fd2b4f0a857a324decb89e34 dffa5b990137dfe05af3022a91df85fb6bb00af7 b926ea45665376622456526b3e2d18ba1032c21f71af18e63a5e14c60f88711b Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 12:44:12 Times Seen37091547 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/10831602145/?random=1662491754047&cv=9&fst=1662491754047&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4	2.5 kB	2023-03-07	2023-03-07
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/10831602145/?random=1662491754047&cv=9&fst=1662491754047&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash 62168597ab0c2687621d70f61d677ec4 2a6f52a87211e0c542b10f88ff3d4249c6d2e480 7c8478124bbc3880b1de54787c27e58c7f6063e2d767231de797d365fa740ef2 Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/10831602145/?random=1662491754045&cv=9&fst=1662491754045&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4	2.5 kB	2023-03-07	2023-03-07
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/10831602145/?random=1662491754045&cv=9&fst=1662491754045&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4 IP 142.250.74.98 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash b73fff7acc69465b64c1ead3d76d187f bbf7c2c1e53130d0c3c3a54e7ecb1f44f8c4cc85 f4715fd814b5be88539074cb8e065aa943cde5784bc3af993b366a1839d857cd Loading...

	www.nof-hashaked.co.il/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1	21 kB	2023-03-07	2024-04-25
Pretty URL www.nof-hashaked.co.il/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 18:37:12 Times Seen3655 Hash 6aaf0a4e8eac131defea126f5b1b5fbf 24da0326af36303e5a1e9799a3c26f7a1077928c 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5 Loading...

	www.nof-hashaked.co.il/	261 B	2023-03-07	2023-03-07
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash 3e5aaaaabb88f894c938140bf3c29b4f 8d5cfcd424f42be7b05a6f3057e18dfe7d1d0a16 9c9b9328eac281d488a6114529e18a3c8a364f6a4dd784a8d298dfeda8955262 Loading...

	www.nof-hashaked.co.il/	332 B	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-26 01:59:54 Times Seen9163 Hash 7d495bb1d6c246a2d57df3ab9332a3cc 6367d4f8addf48f2af1023b8176a2263bb424d01 df09a4f39d495e901a5479fce56c8ddec4f8a6acda1b3ceab7adc704fa439e32 Loading...

	www.nof-hashaked.co.il/	115 B	2023-03-07	2023-03-26
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-26 08:10:15 Times Seen2 Hash cc7045858f40ade05da8bd059482ef57 4ae8e91b4dfe3dd53a5840442167c43787f0accd 10b1e7ce44f59d9325f3b102eeed916484c124d2a007f28b881b44ee0a81b06b Loading...

	www.nof-hashaked.co.il/wp-content/themes/betheme/js/menu.js?ver=25.1.4	2.4 kB	2023-03-07	2024-04-25
Pretty URL www.nof-hashaked.co.il/wp-content/themes/betheme/js/menu.js?ver=25.1.4 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 18:37:12 Times Seen851 Hash d2acee736603de298edf90c0c64694c5 7299c74c02a6363cf24dd55e27c7dd2351b33ba4 c22005bbdf738de61a4c2ee99c2b3c4fe52f336dfc8aa274860c58c845027d50 Loading...

	www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.8	124 kB	2023-03-07	2024-04-23
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.8 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-23 14:29:05 Times Seen2991 Hash e4bc260935352e71791596e3c8b0c205 336eff1507c4d4f88bbc8f9630f405e827357cde a5f70e90e97e6ac1952a1a116dba485b468fa98dca2977853768a946227c7bc0 Loading...

	www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js	398 kB	2023-03-07	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js IP 142.250.74.163 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:20:45 Last Seen2023-03-17 11:40:02 Times Seen1 Hash 4ba43a63c7e907af7ec62d08348f3b9b 5cf61ea391f9788c24e9e6eb8b715bcea22ecdf6 51d9c9160f4c0e20b5a69fa1b09a8947bf74235330d522fae8217ad19c17b93b Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAliQhAAAAAASVo9AUxSpCW9gRB2Otg_a32tlu&co=aHR0cHM6Ly93d3cubm9mLWhhc2hha2VkLmNvLmlsOjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=8twjnlesoqx2	69 B	2023-03-07	2024-04-26
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAliQhAAAAAASVo9AUxSpCW9gRB2Otg_a32tlu&co=aHR0cHM6Ly93d3cubm9mLWhhc2hha2VkLmNvLmlsOjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=8twjnlesoqx2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 12:42:41 Times Seen99556 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	www.nof-hashaked.co.il/	2.2 kB	2023-03-07	2023-03-07
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash 7d2abc39ae9ff5cf7493138d97168926 ec6a1a54c8fe5b194de3872335caac3e41f1817e 749a9c5d01763109bbfee4095c64d21037af32040d2d053608b5fe452da866ee Loading...

	www.nof-hashaked.co.il/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=25.1.4	53 kB	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=25.1.4 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-26 09:28:59 Times Seen1534 Hash 0ba3e2243f42575817b07fcadacf8269 50ed3259514f428897730c9d429974bdc72eb988 6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511 Loading...

	www.nof-hashaked.co.il/	294 B	2023-03-07	2023-03-26
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-26 08:10:15 Times Seen2 Hash 3181620a165b0fe41b1be5b27e8c5167 6b14704a1a017f15d365bff03090ee00614c60cb 43db2a4f6a0e1045c832645c49d2ec42bef5774eae72a798e3557fdfbc8d543c Loading...

	www.nof-hashaked.co.il/	486 B	2023-03-07	2023-03-07
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash ee632f1a01d4fffa43e1ee967c705539 bd5169d7c7473704b6527e6fa1d62cf8af8f4bf4 3688fcc75a52e148bcb62d04c75f8805f9c9138b820a9afc3c94d38bb193d6fe Loading...

	www.googletagmanager.com/gtag/js?id=G-6SJP05NXHF	211 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-6SJP05NXHF IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash ad700c2ab350cb5bf1c7a72d71ef9ce0 c0c54be01d73b7f196b6f7aa49e462803affb4a4 c761dd8612fe76082bde8c1b18b1379e3e5ee61db5b74a735474ae438bb1ef1c Loading...

	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=6.7.0	4.2 kB	2023-03-07	2024-02-09
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=6.7.0 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:54 Last Seen2024-02-09 17:31:00 Times Seen52 Hash 29c01324a075bd6a647bdb106bc37cbc a712ede9a21c458f54acbe79d926169151aa47e8 d4a53910b71b1c9cf8ed4f07b943132834277859c3d3f87732102a191dc9f080 Loading...

	www.googletagmanager.com/gtag/js?id=UA-215931113-1&l=dataLayer&cx=c	108 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-215931113-1&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash ff5a00acff9d059739704d157a607d2a 568f6f13b792f4d8c3ea79d03fdf10675cd15c4d 3e2854513b989f5a27acfd37e4cab842b4d44bdf37010306198e57d44ea138a5 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAliQhAAAAAASVo9AUxSpCW9gRB2Otg_a32tlu&co=aHR0cHM6Ly93d3cubm9mLWhhc2hha2VkLmNvLmlsOjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=8twjnlesoqx2	35 kB	2023-03-07	2023-03-07
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LdAliQhAAAAAASVo9AUxSpCW9gRB2Otg_a32tlu&co=aHR0cHM6Ly93d3cubm9mLWhhc2hha2VkLmNvLmlsOjQ0Mw..&hl=en&v=duyHVVR9Brf6N2GewjkPRfsA&size=invisible&cb=8twjnlesoqx2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash e9e3b9146a4dca606187cd8e948b7ce6 dce6aaeb780d4fdfdbb92acc83d95a76a2dd8ae9 91addd1d9071cf383f4356ac7c9dd74226b496ffd82c46dad10ded566300a805 Loading...

	www.nof-hashaked.co.il/wp-content/themes/betheme/js/parallax/translate3d.js?ver=25.1.4	4.0 kB	2023-03-07	2024-04-15
Pretty URL www.nof-hashaked.co.il/wp-content/themes/betheme/js/parallax/translate3d.js?ver=25.1.4 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-15 15:07:48 Times Seen633 Hash ea5cd057172e6bce5718f823cfcbb1bd 47ed4723d9da06b3c4aa26174dc2acf36480aeea c0a00439e0c82d42a9b64c694698665bd924252eb48e86b1c95a4d40dac471a4 Loading...

	www.nof-hashaked.co.il/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-26 10:10:59 Times Seen68662 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.nof-hashaked.co.il/wp-content/themes/betheme/js/plugins.js?ver=25.1.4	202 kB	2023-03-07	2024-02-29
Pretty URL www.nof-hashaked.co.il/wp-content/themes/betheme/js/plugins.js?ver=25.1.4 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:33 Last Seen2024-02-29 11:16:49 Times Seen304 Hash 2ac7a818c533be6832a494683a075010 67b4d4a0c63dc1919d301d6d3a19811783aa0afc 54766cd48bb6d7cdd9c40489d6e8caa9ccba6c5d289e016b5576bceff9093613 Loading...

	www.nof-hashaked.co.il/wp-content/themes/betheme/js/scripts.js?ver=25.1.4	85 kB	2023-03-07	2023-11-27
Pretty URL www.nof-hashaked.co.il/wp-content/themes/betheme/js/scripts.js?ver=25.1.4 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-11-27 17:45:52 Times Seen13 Hash a77482f32749dbf279033b93c3c2159e eb4857a4d1f07c08ee103acb3c4e5ede10098967 5cf987a731cb51942662b2886670ceb68fb3b4d617ab74bf227bd74749bbc50c Loading...

	www.nof-hashaked.co.il/	464 B	2023-03-07	2023-03-26
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-26 08:10:15 Times Seen2 Hash cb5a43f64a319a7615b3f59fd42270f8 ac881199ed0ad96c2e8753b0f2b481ec2ec052dc 7c27f3aebebda1bed07d86f2d09bd783c9065d28549a1652855f93c8b2968750 Loading...

	www.nof-hashaked.co.il/	2.3 kB	2023-03-07	2024-04-23
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-23 14:29:04 Times Seen1832 Hash be435481837b62187ea43999d905c91a 403a7bb5b4764bf8951e239b7ad591cd0eb62d7e fc772d0508e695b6dc294b8734e7693bbdc64bbeae89239a03bf32e8b56aea2b Loading...

	www.nof-hashaked.co.il/	136 B	2023-03-07	2023-03-07
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash 79ef0541513e01e33997965ec0cf9261 71cb1cce0f0416976d43b12848f608fadc1959c0 1406b7b62ceef4b9dcba35c46c8bb7c39dfa471496cd10b9b78f4af3be640492 Loading...

	www.nof-hashaked.co.il/	568 B	2023-03-07	2023-03-07
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash d44ab496a35849867640f4b26b136b76 eca3598aab1d922f170571deefdb0c09f52b48aa ff173ed2ead4e7358ab3b951e890d4e1aa5340362a149c8be6864b0d46e5d395 Loading...

	connect.facebook.net/signals/config/272712101589909?v=2.9.79&r=stable	300 kB	2023-03-07	2023-03-07
Pretty URL connect.facebook.net/signals/config/272712101589909?v=2.9.79&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash a609bcb2757f74479f8b07d0d76fbc23 9b982615e8d8f5e4e3b73ecca6c7ca5d0260084d af439db25ea8d7378bed4477980c4298ab0fb374f21640ff1dc0d87394302c97 Loading...

	www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	12 kB	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:48 Last Seen2024-04-26 02:50:51 Times Seen2053 Hash 3f3fc23f477a3849aa5677c585b2a2b4 ccf0865ebd37f76c450c7a377a86ff2448288db3 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Loading...

	www.nof-hashaked.co.il/	1.8 kB	2023-03-07	2023-03-07
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash 7edf7ca50e71eeb5e8aad74c96052041 8091fa2d5b1a6598941fd61fa06011342c2c18ca 1931693a88668ed6c9be8866941bb97cb1ea8810c529ce9fcaf2b93d64fc8b7d Loading...

	www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	9.7 kB	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:47 Last Seen2024-04-26 02:50:49 Times Seen1720 Hash 490c29d6776fc430c23403fd845b34b0 817129906b7fef1011895a76f047c7693a852e21 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4 Loading...

	www.nof-hashaked.co.il/	153 B	2023-03-07	2023-03-26
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-26 08:10:15 Times Seen2 Hash aed76dc482cd02741d5ffb34c36de129 2e6e66e44cf1045b134bc977aeee10cd72c763b2 cba1cb28794f4453ffae55307c50c9565de7e17c91ca096c1e03dc497bea0d56 Loading...

	www.nof-hashaked.co.il/	493 B	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-26 00:36:16 Times Seen4278 Hash f73f3cc147a181d5955eaba113c1c122 07a5ef5a63d37a99d17986786d75bdcb3cda6409 5aab3a40376dc0dffe15b2882b50d298e6c877683a4f25ddfcf77fbd16d47b56 Loading...

	www.nof-hashaked.co.il/wp-content/themes/betheme/assets/animations/animations.min.js?ver=25.1.4	1.8 kB	2023-03-07	2024-04-15
Pretty URL www.nof-hashaked.co.il/wp-content/themes/betheme/assets/animations/animations.min.js?ver=25.1.4 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-15 15:07:48 Times Seen805 Hash 6d1ef4ab8b112c1e2642e61424bd46b4 9fb2f893a18752e5123314c41c453636ec77e390 d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b Loading...

	www.google.com/pagead/conversion_async.js	42 kB	2023-03-07	2023-03-17
Pretty URL www.google.com/pagead/conversion_async.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:19 Last Seen2023-03-17 12:30:23 Times Seen1 Hash 70049e468e315dbffce0c07753fca6f9 6c1cb5e25675de7746ed7dbb4d103aba9faabea0 94cc0d6d41e4b4bcde2f4f3d6292224215a698f20ffe7915c04cb55146537266 Loading...

	www.nof-hashaked.co.il/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2	19 kB	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-26 01:56:03 Times Seen38055 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	www.nof-hashaked.co.il/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1	12 kB	2023-03-07	2024-04-25
Pretty URL www.nof-hashaked.co.il/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:43 Last Seen2024-04-25 18:37:12 Times Seen459 Hash 1d376be55e51aea00d432f6659d3e0d1 cc5b9f6fa12d0a90b38d3d6e918401c9ad26332b 34934dc0d2652647955344d4d53218860096f14217c81c1eb5b02e54526835b6 Loading...

	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0	20 kB	2023-03-07	2024-04-25
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-25 04:54:54 Times Seen2561 Hash 596d6e5d8400fd1e913f9adc21071f93 fee2d7a4ac08d5a522c2298a5ad3ed30ac9e62ec 159faf7827be43b4c85a35fc941924a9de59a169d42d600b49161f60debf9dff Loading...

	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.7.0	11 kB	2023-03-07	2024-04-04
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.7.0 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:54 Last Seen2024-04-04 15:35:35 Times Seen139 Hash 32e6b9092eda5deaa61499a3a7ac5faa 8100ba5504796113d1a823b4b7f85b9ef5fa158d b4521780a668674294942554c0cee44d73e052c8dfe9d1e4e6e238902600ad31 Loading...

	www.googletagmanager.com/gtag/js?id=AW-10831602145	161 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=AW-10831602145 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash 733613765a1c6a92b680fef0bcb7f22e cd0254f713f103d360eec829229e488a13bbbfbb 0f1cf3d71a7cfb5559fd41360461317819204399016e9ccbab1de0c3be2c06f9 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.nof-hashaked.co.il/wp-content/plugins/wp-simple-firewall/resources/js/shield/notbot.js?ver=15.1.6&mtime=1658830546	3.8 kB	2023-03-07	2023-10-21
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/wp-simple-firewall/resources/js/shield/notbot.js?ver=15.1.6&mtime=1658830546 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:55 Last Seen2023-10-21 10:50:44 Times Seen17 Hash 6462c1744c2544c73e804d8243d2310b 5ee431d371babb4eb1213b660cfed1b6045a3fd2 fcde6f45b15a405776969db6f8fdf8e6b5dc7dd34cdd9ce7c15cddba4a591863 Loading...

	www.nof-hashaked.co.il/	155 B	2023-03-07	2023-03-26
Pretty URL www.nof-hashaked.co.il/ IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-26 08:10:15 Times Seen2 Hash e8d61b43edd326a8111ce389b829062f b56be06b66c3c862b4c1198b84caee7057ab5d34 16bae28fa161c0823059368809d9d2a5ea7ba5fe9b8d1eb2c9d958bf4772fa86 Loading...

	www.google.com/recaptcha/api.js?render=6LdAliQhAAAAAASVo9AUxSpCW9gRB2Otg_a32tlu&ver=3.0	884 B	2023-03-07	2023-03-07
Pretty URL www.google.com/recaptcha/api.js?render=6LdAliQhAAAAAASVo9AUxSpCW9gRB2Otg_a32tlu&ver=3.0 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash 83af154dd244ffe6e604e3d7160c9f2e 934b679f27826a6231faee8ec6b3979b6bbfdfe5 6be3acde066e4c003d72ac5ccf84574e5f402c7af1761c920a492c6a3d21837a Loading...

	www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3	999 B	2023-03-07	2024-04-26
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:28 Last Seen2024-04-26 02:50:50 Times Seen11041 Hash 6a0e8318d42803736d2fafcc12238026 c955314a7e0a9a9871329b0f042c8f0b5df49a78 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c Loading...

	www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.7.0	2.5 kB	2023-03-07	2024-04-04
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.7.0 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:54 Last Seen2024-04-04 15:35:33 Times Seen175 Hash ec326b42443a0157a582537ef34df2f5 ab66c9ec3093da4e360b62e13074caef8ca787d9 6c176a55f46c95137c6700b0777db49956705fe356f8ed5ffcb8b450f6d96b57 Loading...

	www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.8	380 kB	2023-03-07	2024-04-20
Pretty URL www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.8 IP 185.56.74.12 ASN #201660 Jetserver Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:19 Last Seen2024-04-20 18:59:05 Times Seen670 Hash ea5cf2c55fc416c211bb6bdfe2a5ea3d 53bf239da2028044e61ac2edd5d292ca00d09726 edc00efff9674105335e75964130281682159ea89058596862a28da1dcaff293 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6d94fc1508196ffaed8d61f706fb4d23	16 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:09:18 Last Seen2023-03-17 11:40:04 Times Seen1 Hash 6d94fc1508196ffaed8d61f706fb4d23 721b95b445f189034bee988a18213e7166776040 a9c1dd73fa7ed90838301c93418b2c92bf1274928fee89eb257d02e97173cae1 Loading...

	#2 Eval - 7d042ad59566eb46a07e7dfa52fb44d4	22 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:09:18 Last Seen2023-03-17 11:40:04 Times Seen1 Hash 7d042ad59566eb46a07e7dfa52fb44d4 49bed184491302bb72cf53187f3249bf37329d5c 2b178043315259c8c0c79d91143d9568ece94a693fae9da6cdfd15b371441570 Loading...

	#3 Eval - 17b4af346e22c3ee7f128581c25ada00	22 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:09:18 Last Seen2023-03-17 11:40:04 Times Seen1 Hash 17b4af346e22c3ee7f128581c25ada00 8c40061114d7fcd4edc691d66b3c57906e284a19 cd93a2e97e281c2ffd8a8cad4cded814970dbc8963ea8286919b51022ae4f566 Loading...

	#4 Eval - c62bbc87a0de3c2fbd60d38f5da3d14e	22 kB	2023-03-07	2023-03-07
Pretty Observations First Seen2023-03-07 13:14:23 Last Seen2023-03-07 13:14:23 Times Seen1 Hash c62bbc87a0de3c2fbd60d38f5da3d14e 84b9f00ac857707da5c114ac9084fc916bbf12b9 adaf68d24b2d9beec90a999c739dc0ee7bf65e67f8dd3401754bb9f8bf4ebbaa Loading...

	#5 Eval - d641e4c74da11e855f3d3814ea9a5240	64 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 12:09:18 Last Seen2023-03-17 11:40:04 Times Seen1 Hash d641e4c74da11e855f3d3814ea9a5240 cdd11a7ab50b3c9d11eff315951214b49b46c65f 39945446d246f3f25b4031c3e1013556170253a2778898fd73ac117b92a8ef08 Loading...

HTTP Transactions (120)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10021
Expires: Tue, 06 Sep 2022 22:02:57 GMT
Date: Tue, 06 Sep 2022 19:15:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 19:04:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UfCJXP-zXsTOOJT7ynVz0flsnLav9cJTYliS5kjJjge5AIuCmq_WEA==
Age: 694

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QPfYNgk3G6gt4xaHVLKwll1loA2uzMrKF_CbMYpKGcsHTjRkUApbzw==
age: 64839
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:15:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 18:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 18:43:14 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fejybJJgGpNj6l9FDPgZ8wWVTlFGMXMhN3zot2TH0_A7vD4ijbkxoA==
Age: 2259

nof-hashaked.co.il/

185.56.74.12

301 Moved Permanently

0 B

URL HTTP/1.1
nof-hashaked.co.il/
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: shield-notbot-nonce=e493a42444; expires=Tue, 06-Sep-2022 19:16:11 GMT; Max-Age=15; path=/
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
x-content-type-options: nosniff
content-security-policy: report-uri https://www.nof-hashaked.co.il
referrer-policy: strict-origin-when-cross-origin
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
feature-policy: display-capture 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-redirect-by: WordPress
location: https://www.nof-hashaked.co.il/
content-length: 0
date: Tue, 06 Sep 2022 19:15:57 GMT
server: LiteSpeed

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5981
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:57 GMT
Last-Modified: Tue, 06 Sep 2022 17:36:16 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.163.147.190

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.147.190:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ei5cno+8YVdpkzn6o2gTGg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: x1V5q/e+H4hH2pRdyvHZRFbfhs4=

www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

185.56.74.12

200 OK

848 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text
Size
848 B (848 bytes)
Hash
c962ba8e7d42ff9da18392b41dad5151
7b89bc5e6ad161df2e6d7f7fb3ad894aa04b827f
322a4949c5bdd82eb80c13bbbd407ce30a7ad226685c54270d246cb6960e524e

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 10:55:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 848
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.0.2

185.56.74.12

200 OK

11 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.0.2
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (65536), with no line terminators
Size
11 kB (10900 bytes)
Hash
763e0b0069b9c761216dbdea68491759
17d6923d9cd08def13de1e54daf2baf43187cc35
db6e19d275816cbc71fbd71569eb65031f43c8a6f0b315441c384a26c7065f7c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=6.0.2 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 19:38:43 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10900
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.6.3

185.56.74.12

200 OK

152 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.6.3
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text
Size
152 B (152 bytes)
Hash
3ae045c00f92fc31d3585fe7f975412d
bb57516578144aad75ed4b9a06cbd4df41b6f519
076956289c202e94f3657469ef81a4d47dc69d2441d088de292918d6b07d30c9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.6.3 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Sun, 04 Sep 2022 10:55:59 GMT
accept-ranges: bytes
content-length: 152
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.2

185.56.74.12

200 OK

96 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.2
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with CRLF, CR line terminators
Size
96 B (96 bytes)
Hash
6510ecad4ef6a328cabe2d4aa884c797
84caa6684e78b6dec70787f6764e1908f82c6966
4e0034001f2578d4a60ec43d8bbbef16c4f6b4b4275cf8b0ff62e4b76d48e24b

HTTP Headers

GET /wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=6.0.2 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Sun, 14 Aug 2022 09:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 96
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=25.1.4

185.56.74.12

200 OK

1.9 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text
Size
1.9 kB (1907 bytes)
Hash
ec9c4823adb01a097d655f555adca9af
f50a073e8be2d675bf6c5af96f50a8f048a2ed15
8295f041024bf84f41a8c3292c995448dc00824bca9c70a1307255587492b7ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.css?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1907
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=AW-10831602145

142.250.74.72

200 OK

60 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=AW-10831602145
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1827)
Size
60 kB (60237 bytes)
Hash
109a8cc188c1bdc6688845f49ac6d545
39c17c3c1be5ebd58d426c16c0cad5189909b22e
cc829706f39a16bdc889db8a6f4f09a0865cca2ab74c4e64cfc98aff898c868c

HTTP Headers

GET /gtag/js?id=AW-10831602145 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 19:15:58 GMT
expires: Tue, 06 Sep 2022 19:15:58 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 18:30:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 60237
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-6SJP05NXHF

142.250.74.72

200 OK

75 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-6SJP05NXHF
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (15517)
Size
75 kB (74856 bytes)
Hash
54b3766ba59e7f58d772c08ed70b35b4
8e928de9f80f5fe4c69420389f89344083382a59
1cb75ddfb3b6aafb20b9cbaccb1386377378fadd0875f83d6d9362ee6b307372

HTTP Headers

GET /gtag/js?id=G-6SJP05NXHF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 19:15:58 GMT
expires: Tue, 06 Sep 2022 19:15:58 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
21d1b5be072df45253749eeb3290be82
4ac9978797c085289b9fcc2fe9a57b619e1c78c9
9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.nof-hashaked.co.il/wp-content/themes/betheme/css/be.css?ver=25.1.4

185.56.74.12

200 OK

57 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/css/be.css?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (464)
Size
57 kB (57166 bytes)
Hash
b2986f667add5d071891cb9b5d2477ad
94b2a0b2953f117cfd0a48061b11d7e911609a7e
eb4debbf680b1237694b7148be26e223b53f2f1d3ab72f467a4230bac87d28a3

HTTP Headers

GET /wp-content/themes/betheme/css/be.css?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 57166
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/assets/animations/animations.min.css?ver=25.1.4

185.56.74.12

200 OK

4.4 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/assets/animations/animations.min.css?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (58528)
Size
4.4 kB (4424 bytes)
Hash
b5ffd053985dbe247067bad06178e26e
2a8ec57446cb9248a5d83bfcfb5bf749c1d8c1bb
ed07c1fef91e06ffad187b9081c3d9c5c3b32f5fbcf0e94face6b53c8ed2ce0f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4424
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/css/responsive.css?ver=25.1.4

185.56.74.12

200 OK

10 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/css/responsive.css?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (612)
Size
10 kB (10283 bytes)
Hash
39780ee84dd1e7b62d933bc415b0637f
4ca650322e69aa8de355b92fc0dd346913ca5ba1
277f57a32f8a8bbbe7612b5aea7b3864910bb48ba8cf756756d9bac887aca518

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/css/responsive.css?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10283
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=25.1.4

185.56.74.12

200 OK

12 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (364)
Size
12 kB (12408 bytes)
Hash
d4443a56a04ea5bcc4da6b5415d5dcb8
2e94433ae783e1f9da3908a22f6099770081457a
74ae64f6e08dd113867cbfc27e1cc2ed2bef5a762266a70e5f73f2d2b4582a1c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12408
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=6LdAliQhAAAAAASVo9AUxSpCW9gRB2Otg_a32tlu&ver=3.0

142.250.74.164

200 OK

582 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=6LdAliQhAAAAAASVo9AUxSpCW9gRB2Otg_a32tlu&ver=3.0
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (884), with no line terminators
Size
582 B (582 bytes)
Hash
0f7c85d5822cab11c6e924d28f2a5cce
d926fecf2abf015d7ce72950227e69aad780bd43
4d816b6fd2410ff8f7b1bf85638f3da844cb3e4e329976a0e8ec4e9a8ad1a588

HTTP Headers

GET /recaptcha/api.js?render=6LdAliQhAAAAAASVo9AUxSpCW9gRB2Otg_a32tlu&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 06 Sep 2022 19:15:58 GMT
date: Tue, 06 Sep 2022 19:15:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 582
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

185.56.74.12

200 OK

30 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (65447)
Size
30 kB (30273 bytes)
Hash
34f918ada1fe4f01c5a4b90065bbc37a
a731f6ce2d413805e39ae45994012b1bd5ea1e2b
eba158d5ab26a5a54a3dcfcea1072c636f44e92fc2eb30a3f27cd5be3f891dfc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30273
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

185.56.74.12

200 OK

4.0 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/wp-simple-firewall/resources/js/shield/notbot.js?ver=15.1.6&mtime=1658830546

185.56.74.12

200 OK

1.3 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/wp-simple-firewall/resources/js/shield/notbot.js?ver=15.1.6&mtime=1658830546
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with CRLF line terminators
Size
1.3 kB (1294 bytes)
Hash
4e3f5cdfdfab1f11f2f89d3ed1d63652
38e4558eddfc7858113523d1e09e6380f4ae35be
318193af1709371678ca42d8c20ff23ffe5794f12e7b7885d3ba5fcb1f65e96e

HTTP Headers

GET /wp-content/plugins/wp-simple-firewall/resources/js/shield/notbot.js?ver=15.1.6&mtime=1658830546 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 26 Jul 2022 10:15:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1294
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

185.56.74.12

200 OK

4.6 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:41:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.8

185.56.74.12

200 OK

12 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.8
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
Unicode text, UTF-8 text, with very long lines (12602)
Size
12 kB (11758 bytes)
Hash
7d1694c1ffa2002c380123f7b2a10999
9a739260c33fa947ce26c045ad74810e35ae4125
167a0baefbb0e0cc23898b89754857039300983548b1cad1cb31ac710cab6cda

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.8 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11758
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme-child/style.css?ver=6.0.2

185.56.74.12

200 OK

209 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme-child/style.css?ver=6.0.2
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text
Size
209 B (209 bytes)
Hash
5f3e7875c728be456bf39dc3b793f708
18f5811685ce67c8d72f4c600006802e4c04727a
7d7d1c0e280bf428ece29fcf06aceb930039e8524a81a62860922e3b45497e76

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme-child/style.css?ver=6.0.2 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 209
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3

185.56.74.12

200 OK

2.8 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (9680), with no line terminators
Size
2.8 kB (2799 bytes)
Hash
8a91034fce0e4a2464d2170d38d31382
f00c20cfcbd136ee9aa20d07085c10f470548fe4
1a8f0bcd2b76caf977b08ed30bdd29eb77405ca4c1fe2315b41f8fe2542f1528

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 10:55:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2799
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3

185.56.74.12

200 OK

3.7 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
HTML document, ASCII text, with very long lines (12211), with no line terminators
Size
3.7 kB (3689 bytes)
Hash
b3777786fbf0ac18aa59c687154a9db8
3f24b0cfae49dc3e70f149edaf203a661cd59c88
8e3993f3b5eb33611a7c40d80d1cb048b4329ebb9ad0d9e8eb583e48fda70bb5

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 10:55:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3689
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.nof-hashaked.co.il/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1

185.56.74.12

200 OK

1.5 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
Unicode text, UTF-8 text
Size
1.5 kB (1495 bytes)
Hash
1dc80a70d7f75f57a900bdd70b0f7bd1
0f908d59bed54bce38cc0ede198ce93060dfff08
6783955ffbbbf01c4e4787b25cb01d3d925d8f04f0bcea548cdd0895e8504387

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/wpcf7-redirect/build/js/wpcf7r-fe.js?ver=1.1 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Sun, 14 Aug 2022 09:02:49 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1495
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1

185.56.74.12

200 OK

6.6 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
Unicode text, UTF-8 text, with very long lines (8189)
Size
6.6 kB (6637 bytes)
Hash
139a41f01d192d239e7dce15ca307983
62a3e7c0c77209832dc649bc5583e5e0b4918bf5
d796462a5d212cd93b315b43dafb6e77dbe1c3aa567964dc40c1ab0e2c28f405

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:41:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6637
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1

185.56.74.12

200 OK

3.8 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (11760)
Size
3.8 kB (3760 bytes)
Hash
cf07f8ed6f9f97c95566c2b77872c681
6b9c0b5521255b6b1dd77c1a0569224de7cc351c
c31ec4601e031d50be0b5732b8b22ed7055c990de764617f37093de9004ef206

HTTP Headers

GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.1 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:41:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3760
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/js/menu.js?ver=25.1.4

185.56.74.12

200 OK

749 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/js/menu.js?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text
Size
749 B (749 bytes)
Hash
33c0b2d1963bf8d1aec85903f55372f2
1f8307e852a47838a785abdcde3dc260de017f1a
38df4b408528e6f2fe8651d3d3e06dd7fb197c650d1a9b67b40c61f968473c58

HTTP Headers

GET /wp-content/themes/betheme/js/menu.js?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 749
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/assets/animations/animations.min.js?ver=25.1.4

185.56.74.12

200 OK

550 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/assets/animations/animations.min.js?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (1733)
Size
550 B (550 bytes)
Hash
c3a756b391fe1e6045b1b664b050a5f4
d9deaddac95f6a841a9ac512a49b1ac2ae21faf7
72ec4f8eadcac76d82107ad78d3522f8d429477ad77ea5adc3572458ef382bf8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 550
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/js/parallax/translate3d.js?ver=25.1.4

185.56.74.12

200 OK

1.2 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/js/parallax/translate3d.js?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text
Size
1.2 kB (1195 bytes)
Hash
798cccf140859289da4f850b3b2b3c16
5080ddcb8fc9eaabbfba56b933fa304f08590d29
a152cf3215e6c21eae0ae777ef888fe642cf51a13890632903be1ddbf5470afd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1195
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9

185.56.74.12

200 OK

2.4 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (6475), with no line terminators
Size
2.4 kB (2354 bytes)
Hash
4e773d7cec56bacab6d2db420be6f262
c95573d884c1caec0ec9c6f3e2a8c0fbf28d939a
5c8839d0b02f21e8d83d856bbf85a6b87fbedf9ba0b70711b11a1c378d5443e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:41:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2354
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

185.56.74.12

200 OK

6.9 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Size
6.9 kB (6872 bytes)
Hash
1f5152610686781567fb3008c4429792
d0c0bddf5fb8603ed8e55c32f3093c2207f72471
75806ece853d0d76e655a433bd03548d3be6237ea1e4cacd5963f528bbe0d192

HTTP Headers

GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 20:41:04 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6872
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3

185.56.74.12

200 OK

439 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (999), with no line terminators
Size
439 B (439 bytes)
Hash
941c9d44f1c480a37006540de948ef9a
29bc99b84660341fc37d60774b3083025a19147c
d297692ee1e68d1e2499576903508be06859340a25eded15b2565631a592851e

HTTP Headers

GET /wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.6.3 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Sun, 04 Sep 2022 10:55:59 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 439
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0

185.56.74.12

200 OK

5.4 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (19905)
Size
5.4 kB (5392 bytes)
Hash
5c4775770503a303920f7828b0c9ed93
eb423a78df0b4d1bc0490fc6232a9d8daa14b4f1
dd8a0879968f81cc079ac9ab03e98f5f119aa390d07bed57e621f911f0d28cb4

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.7.0 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5392
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.7.0

185.56.74.12

200 OK

2.5 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.7.0
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (10896)
Size
2.5 kB (2496 bytes)
Hash
ece78603c23f01d91a4940dd7ce4ef6c
c16659321197882e344831e6b6424812fea822a9
488d1c6727cc3387091b235ef43bc5d5a56845a9dfa8c3e8f8247ed30a8609e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/vc_accordion/vc-accordion.min.js?ver=6.7.0 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2496
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.7.0

185.56.74.12

200 OK

864 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.7.0
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (2326)
Size
864 B (864 bytes)
Hash
54bbc23e366830b7b760fb30e8e0cb31
df8565ccac568f4fc0fc2af3354c0d63d206a22e
e0f9b190637e6369a8dce3ff0d81107bfd82aeceae09980bc427a85577bf9c20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/vc-tta-autoplay/vc-tta-autoplay.min.js?ver=6.7.0 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 864
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=6.7.0

185.56.74.12

200 OK

1.2 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=6.7.0
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (3955)
Size
1.2 kB (1183 bytes)
Hash
c0de2a36720ca97af1f9625144c1a5bb
1c9917fe611f650913472b44c6c2a4b6281ed72b
eadf1582843c993d9e2e96a745b054d17fdb251465666a6d616354696d8fe47b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/vc_tabs/vc-tabs.min.js?ver=6.7.0 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1183
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0

185.56.74.12

200 OK

42 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (65358)
Size
42 kB (42023 bytes)
Hash
5996a8ef5bfe35b3688970f8ff963c6b
e3a755e8f070b881c06df6045ce226bf6a06e8f9
0b9816a246fb58c845c701a78b0f35fa273bd0b712b70ecc1d61321765e97808

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=6.7.0 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 42023
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/assets/dummy.png

185.56.74.12

200 OK

68 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 68
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/07/appartment-icon.png

185.56.74.12

200 OK

2.2 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/07/appartment-icon.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2209 bytes)
Hash
fa72ea13eb711647e7b8e150f2a26f60
cb399743c0fb8b0bd5bf5cdeec00e7eae6503cc6
bd2e6f40c723d6ec2dc5bde49695bdd70d1ac57751ab43ef0b26d21e29c2a6a8

HTTP Headers

GET /wp-content/uploads/2021/07/appartment-icon.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 2209
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/07/building-icon.png

185.56.74.12

200 OK

1.7 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/07/building-icon.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1652 bytes)
Hash
8377dba1003aee58a647e65d83c26edf
ace21d92eebdad01f8f225a65b2f07f5107a50dd
8d6f92a61e96296021e91af5b74430587b06046658c14709c406f44541b5ade2

HTTP Headers

GET /wp-content/uploads/2021/07/building-icon.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 1652
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/07/rooms-icon.png

185.56.74.12

200 OK

1.9 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/07/rooms-icon.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.9 kB (1876 bytes)
Hash
cd717213a496617a207b4c9a3c41522c
9bad35f9cbd2e83291a3e3ddac8bb439285c66d5
858bb21d5b494be509d8a08a8d9ab69365cdadbd9e1d716575ba42ddb400ab9b

HTTP Headers

GET /wp-content/uploads/2021/07/rooms-icon.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 1876
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/view-icon.png

185.56.74.12

200 OK

1.6 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/view-icon.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1566 bytes)
Hash
ba19d88df637a5895f6b0cb82ac02868
13eee09f95a30d3183e72414e56ae4958b5189bd
5c4543faf4c37cb181eea0a1670bab0f3b3df011be798ef6862431e4c698e6c0

HTTP Headers

GET /wp-content/uploads/2021/08/view-icon.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 1566
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/rtl.css?ver=6.0.2

185.56.74.12

200 OK

6.9 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/rtl.css?ver=6.0.2
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (785)
Size
6.9 kB (6874 bytes)
Hash
3add0f13aa1604e57f4b4ab926e3a7f9
830b4462828df0e2dab9c83362de63bbe8bef513
bcc2b92a60427dfb353187bd8f23873ed336837b1df3db3b423cbef4bbfbebf2

HTTP Headers

GET /wp-content/themes/betheme/rtl.css?ver=6.0.2 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6874
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=6.7.0

185.56.74.12

200 OK

15 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=6.7.0
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (65358)
Size
15 kB (14902 bytes)
Hash
2f171c02b6da29694fdbe238ffde036d
ae6cbb2dda32d31136cbf501943f47c9fd6fdf86
172ac265d58ab0dea4054c54c7a28107f5b1e3c721cbe735f15966d28aab3b1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/js_composer_tta.min.css?ver=6.7.0 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: text/css
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 14902
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.8

185.56.74.12

200 OK

46 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.8
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (42889)
Size
46 kB (45555 bytes)
Hash
396092d07b6f1217d341d8b877384619
3222efd1a6cf1c450be458bef0a7d358518f3727
5069e1fea79039f98fd09a5ef17eb42867dd3de95602fd16244091d6e290227b

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.8 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 45555
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/js/plugins.js?ver=25.1.4

185.56.74.12

200 OK

54 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/js/plugins.js?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (32019)
Size
54 kB (53850 bytes)
Hash
7f77b0c28f1ffe56a075fa82a04264e3
cda034f23950719d17d16604178255125f9b9285
342f6e66891b0d771171c83425e15e6cc20eb9889fa53cdef2fc7aea631fd1fb

HTTP Headers

GET /wp-content/themes/betheme/js/plugins.js?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 53850
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.8

185.56.74.12

200 OK

95 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.8
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (64288)
Size
95 kB (94998 bytes)
Hash
bcc01b1d6942f9641bcecc9b13f98789
ced482e5295f3a25a1e417364853f4687b96dd62
74bf345225a343b914337802ac7308042bdbe2c075eeda2e791b31480ceff7ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.8 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 94998
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=25.1.4

185.56.74.12

200 OK

12 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text, with very long lines (634)
Size
12 kB (12378 bytes)
Hash
d8bfc3d742ffd06b97048893cf41f69e
9619ab317a12617272411c4c4a33f8ded73b7512
d52b1f1423552aab4f48e0a917e614c3a5318e0c47cba03472ea029858869540

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12378
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/js/scripts.js?ver=25.1.4

185.56.74.12

200 OK

18 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/js/scripts.js?ver=25.1.4
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
ASCII text
Size
18 kB (17457 bytes)
Hash
61ab3b9a2c14719ac118dfd9e981fdfc
9b5cbb8c42f3ee19d666ef86b26cc06fc6a45732
267e1d6becbff004d6505dc101fa5a6b4faaeec93fa8a40af7f1923cd6a6c72d

HTTP Headers

GET /wp-content/themes/betheme/js/scripts.js?ver=25.1.4 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: application/javascript
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 17457
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/logo-etz-hashaked.png

185.56.74.12

200 OK

9.1 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/logo-etz-hashaked.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 250 x 49, 8-bit/color RGBA, non-interlaced\012- data
Size
9.1 kB (9139 bytes)
Hash
307adc5a9f500e70d0c380f1ebcceabc
c83b8facd18f821bad2669b8bff87aad60d9629e
9976fca5439aaef27d96b7f1f6e55e59125bbc67d6e775b3ac672d1edf0ce8cd

HTTP Headers

GET /wp-content/uploads/2021/08/logo-etz-hashaked.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 9139
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/07/gordon-logo.png

185.56.74.12

200 OK

5.0 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/07/gordon-logo.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 269 x 86, 8-bit/color RGBA, non-interlaced\012- data
Size
5.0 kB (5016 bytes)
Hash
036a5d13967d2a743f3787b132858f3f
9220dcb01af642b4d366b9e801ca815bd4c67d27
d5519ce7c0e9358b4a154e96dcfdf2fe1e01b2dd1637b903633e2b88052dc5e0

HTTP Headers

GET /wp-content/uploads/2021/07/gordon-logo.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 5016
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/06/logo-150.png

185.56.74.12

200 OK

20 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/06/logo-150.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 147 x 138, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (20288 bytes)
Hash
c07ddc844223e8cfb14398fbf7aba8a8
e3035874c8d7c2cb7274c74eb93954f5c977c96f
07e56b58f0e533a68c113ca3948ba6969c1f10355144babfc4f4d1ca62be34fa

HTTP Headers

GET /wp-content/uploads/2021/06/logo-150.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 20288
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.nof-hashaked.co.il/wp-content/uploads/2021/10/internal-5.jpg

185.56.74.12

200 OK

95 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/10/internal-5.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x675, components 3\012- data
Size
95 kB (94840 bytes)
Hash
667b26d684ad40def24270e0b22e9d7b
d51bc6598185fe492c24f57ee9c9d8bdf643b3bd
57870127f168514a19ec85eb55c22d2b065ad44bcfca05d434e682636479a4a7

HTTP Headers

GET /wp-content/uploads/2021/10/internal-5.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 94840
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/internal-1.jpg

185.56.74.12

200 OK

90 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/internal-1.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x675, components 3\012- data
Size
90 kB (89694 bytes)
Hash
de4f78785df7a9ba520f115e0dd81b27
63c42b435b5277d30a5436d74678544ab104d2fc
a90ea9e12c8426317364a4d25f8490dd2eae99c3ea2cfca22f6e28abd492e828

HTTP Headers

GET /wp-content/uploads/2021/08/internal-1.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 89694
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11303
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:15:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11303
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:15:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11303
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:15:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11303
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:15:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11303
Expires: Tue, 06 Sep 2022 22:24:22 GMT
Date: Tue, 06 Sep 2022 19:15:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6656 bytes)
Hash
983e705542fa78b4d5c876e0c1eada7e
5fc951e5236edd282d4975853ca35dab2e55fb17
fa6e478fc213f6cb6c9f33c96c51105262c857bfe313b3d310755be30b1feeb3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1756524-f0d1-4149-aa44-603b827f87d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6656
x-amzn-requestid: 2703eaf4-1a5a-41a6-859b-47255865efb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAX-3F2ZIAMFpLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d2b-6df026de5a9230ed429d08c1;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: FIIvB2jeQ_PBDzi8XRN0jnNxze3OwDbz8TBaIcadRvmQd2EFhCwX7Q==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:45:42 GMT
age: 77417
etag: "5fc951e5236edd282d4975853ca35dab2e55fb17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4426 bytes)
Hash
c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:06 GMT
age: 77273
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=assistent%3A200&ver=6.0.2

142.250.74.10

400 Bad Request

6.5 kB

URL HTTP/2
fonts.googleapis.com/css?family=assistent%3A200&ver=6.0.2
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
6.5 kB (6546 bytes)
Hash
76eb097264ee309d7393731a37168d79
f3c0721150db621d7833ff6aa40d2b3327cd934f
a829b738e0013f3b5bc0f819ee1656ef0b2a51a5e5a71d0dd9f69bdf2aa90d62

HTTP Headers

GET /css?family=assistent%3A200&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 400 Bad Request
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 19:15:58 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7855 bytes)
Hash
8c23179b2131543088771e3fa84ff231
ae50ae4aecd962b698c19f2863857b51cea7fcec
660900ca69b1787a734c1dbe3d6b9b19656912b4bc4715964c4325edff57f008

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc4b02d0f-9da0-42dc-a234-02e974e7d286.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7855
x-amzn-requestid: d7c8054c-d7d3-4b76-815d-36c3a2e1f6a4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYn6FwzoAMF40g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166e32-3ededbf27f83503978e0d775;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:46:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8OlwFzmUfQEPeP7pT-g5wRMq0I1jllBnRU0Nxk4kNkcVD_evLZYc7g==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:17:51 GMT
etag: "ae50ae4aecd962b698c19f2863857b51cea7fcec"
content-type: image/jpeg
age: 75488
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/internal-2.jpg

185.56.74.12

200 OK

82 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/internal-2.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x675, components 3\012- data
Size
82 kB (82092 bytes)
Hash
f724d107f6235e17bf66fbae1204d661
6e46b35da88608419a371fdd219478b9748f5c74
590ae1d3f9dbee88898382248daf1d6048554d8e2d45744dfa0abf56817c8a5f

HTTP Headers

GET /wp-content/uploads/2021/08/internal-2.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 82092
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/10/internal-4.jpg

185.56.74.12

200 OK

91 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/10/internal-4.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1200x675, components 3\012- data
Size
91 kB (91113 bytes)
Hash
efb7065ba7883954840cbe1ab3953b52
a32052ef4eda29f012fdc5211422d56615294864
cf6c94a1918794d6e0832e85904a5103979f265e86bd4fae25958fa7a8d86af6

HTTP Headers

GET /wp-content/uploads/2021/10/internal-4.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 91113
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8134 bytes)
Hash
5540d72831e7e7b9fc287f92c48d9f5e
ec19429fa76d9ad47a0578734b011b530b79ebbf
bc27a44853fd17cf51d6bba0db58a755c75a309d9b0cbcd454dfc9d62785f72f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F803e9506-f3ea-4e09-a966-608b8dabf3b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8134
x-amzn-requestid: 5f6027e8-842f-476a-85e5-cc8b848e4567
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X7FlpEoVIAMFuiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63144fbd-7095c29a04d2f5310b1b84c4;Sampled=0
x-amzn-remapped-date: Sun, 04 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Gf6IGDeM-y_nDO1C3m9xeyAJdkYRe2CN87Pi986A7B1qsjq5p9VkQw==
via: 1.1 d7782b26e589b8e1397d352f4daf0d58.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 07:41:25 GMT
age: 41674
etag: "ec19429fa76d9ad47a0578734b011b530b79ebbf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/photo-9.jpg

185.56.74.12

200 OK

108 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/photo-9.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x734, components 3\012- data
Size
108 kB (107736 bytes)
Hash
0575393b98060bd518a13a8f266c64d2
bb06b7ac06af5a62e4c8a81c21084939594b3d89
10aeb221b8b2701d9086d23f7a55e3db45da18a2bc3f2bd84a536984e8425c74

HTTP Headers

GET /wp-content/uploads/2021/08/photo-9.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 107736
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/10/map-2.jpg

185.56.74.12

200 OK

94 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/10/map-2.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 946x957, components 3\012- data
Size
94 kB (94376 bytes)
Hash
9e9b2f6ed220f989cf4aaf6074513b13
9778cc006e9fdbab0eef468b2b03e80ab7bc0fa3
ba89958eaca8754384b982bc7918786c6886ab4767ca4acf37af441b698f51e8

HTTP Headers

GET /wp-content/uploads/2021/10/map-2.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 94376
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/10/colaz-3.jpg

185.56.74.12

200 OK

109 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/10/colaz-3.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 539x949, components 3\012- data
Size
109 kB (109330 bytes)
Hash
548e9b517bba89f571c68c8d55353a63
89cf5c0d1a119256240d268fd2c0abed5d1e56a4
ba0f92faef03b6b5a4b1e50dc11955917da2cabd5b78b05c2c58b01a5b70fc1c

HTTP Headers

GET /wp-content/uploads/2021/10/colaz-3.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 109330
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12683 bytes)
Hash
ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 52747
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/10/photo-18.jpg

185.56.74.12

200 OK

175 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/10/photo-18.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x734, components 3\012- data
Size
175 kB (174936 bytes)
Hash
1e67e6ab3d049ba5174725d964bf978e
e65997f2e9b6ed4a8006f0380c457ed84bc1e68b
bbc501a3cc9f393052c45ca6885ee5ace82271485d6105bd04ec2542dee1bbbb

HTTP Headers

GET /wp-content/uploads/2021/10/photo-18.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 174936
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/07/photo-6.jpg

185.56.74.12

200 OK

146 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/07/photo-6.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x734, components 3\012- data
Size
146 kB (146095 bytes)
Hash
2e4152a58ddf259fad57c816da2c6eae
0a6278190d4883fda906dd971b6ed6642ba43cf0
5b6ebd99d9512d5adde511f1d252e973a263a48cae5f7964b76df518888b16e9

HTTP Headers

GET /wp-content/uploads/2021/07/photo-6.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 146095
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/internal-3.jpg

185.56.74.12

200 OK

471 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/internal-3.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

GET /wp-content/uploads/2021/08/internal-3.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 114326
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

fonts.gstatic.com/s/assistant/v18/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtjhgIGaV3w.woff2

142.250.74.163

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/assistant/v18/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtjhgIGaV3w.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11224, version 1.0\012- data
Size
11 kB (11224 bytes)
Hash
404d8e6a3442dcccbb431d9744bb010c
29c191f415b8f1d16b9aaeda3dd57828cb442ac1
00e81dd39305ee972c430eaaaf8f70ef72e2cd7fd5ad72f485e416d5034058b8

HTTP Headers

GET /s/assistant/v18/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtjhgIGaV3w.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nof-hashaked.co.il
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11224
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Sep 2022 16:08:00 GMT
expires: Sun, 03 Sep 2023 16:08:00 GMT
cache-control: public, max-age=31536000
age: 270479
last-modified: Fri, 24 Jun 2022 19:46:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/map-photo-2.png

185.56.74.12

200 OK

445 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/map-photo-2.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 532 x 555, 8-bit/color RGB, non-interlaced\012- data
Size
445 kB (444941 bytes)
Hash
74893c48ec7f232237a5ec00848a9d19
e3d0adb5ee4ca668df53def9952d59d954506558
373c6240ab4c8443b3a5c3b38de92096135b920bb115e6ec1eb5dbd84df3dbb9

HTTP Headers

GET /wp-content/uploads/2021/08/map-photo-2.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 444941
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.nof-hashaked.co.il/wp-content/uploads/2021/08/nof-hashaked-4.jpg

185.56.74.12

200 OK

852 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/nof-hashaked-4.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x1177, components 3\012- data
Size
852 kB (852015 bytes)
Hash
da813d88ca8ef3b941ae5ac8e639b7da
e4219e2a710c38874d153f35172367d179c60253
c686e5a8364b6ea365e434a559d0604cf087723bade7a7d66fb246355918167b

HTTP Headers

GET /wp-content/uploads/2021/08/nof-hashaked-4.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 852015
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2020/05/estate3-sectionbg3.png

185.56.74.12

200 OK

831 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2020/05/estate3-sectionbg3.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 1140 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
831 B (831 bytes)
Hash
43b9837617aa5e064dbce21197ac5159
f9e835daefa1f6524d3af592b7f408f8d8f49a8b
dc5904d487806e15da861c1a27448f7d3d8beba235b1a1dc356a23f3764c3f75

HTTP Headers

GET /wp-content/uploads/2020/05/estate3-sectionbg3.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:59 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 831
date: Tue, 06 Sep 2022 19:15:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/slide-3.jpg

185.56.74.12

200 OK

117 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/slide-3.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1080x600, components 3\012- data
Size
117 kB (116909 bytes)
Hash
655622f6c706078f0a2de07a71c6af18
68c5d84bf10e8e0c0269c6fa9db5bbe0c25db91f
69e07663b3099e9c9ffd162d79cdbc3c140c091fd8d27e00074b9c003e7c405f

HTTP Headers

GET /wp-content/uploads/2021/08/slide-3.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:59 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 116909
date: Tue, 06 Sep 2022 19:15:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/07/slide-2.jpg

185.56.74.12

200 OK

94 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/07/slide-2.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1080x600, components 3\012- data
Size
94 kB (93948 bytes)
Hash
90870e4f478c5670060d6c5ed26d95fc
7d8e6ce5a59b28103836e872d5f6e734273468ad
36a4832419e45bf50f4221110e3083d7c51d02183cf9e64c9015ce9858a4e8e3

HTTP Headers

GET /wp-content/uploads/2021/07/slide-2.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:59 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 93948
date: Tue, 06 Sep 2022 19:15:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/almoni-neue-regular-aaa.woff

185.56.74.12

200 OK

59 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/almoni-neue-regular-aaa.woff
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
Web Open Font Format, CFF, length 59272, version 0.0\012- data
Size
59 kB (59272 bytes)
Hash
d76e675dc43c2ec50aaa0450167d3712
d265e5c029ad73860d001cae4e0f4bd1d04d8dad
cbe26f6153bff4b3f11877b7a56ce1040809f72d707863694c1473c158e24606

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2021/08/almoni-neue-regular-aaa.woff HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 19:15:59 GMT
content-type: font/woff
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 59272
date: Tue, 06 Sep 2022 19:15:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/07/ino-bg.jpg

185.56.74.12

200 OK

52 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/07/ino-bg.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1394x800, components 3\012- data
Size
52 kB (51873 bytes)
Hash
cccda223f6411adcb46d3f67d30989c8
1480c9e5f09f23333eef8f01f05f0a1207628314
e1b355a232c919fa2bf70de863fe7ae5605d4c4142c7dd138677119afd88c1e5

HTTP Headers

GET /wp-content/uploads/2021/07/ino-bg.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:59 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 51873
date: Tue, 06 Sep 2022 19:15:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507

185.56.74.12

200 OK

81 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
Web Open Font Format, TrueType, length 81448, version 1.0\012- data
Size
81 kB (81448 bytes)
Hash
743706216bfe3fc0728d0bd15313ac92
d923ae95df3ea7676e8dc34f4de04abf2eefaaab
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/fonts/mfn/icons.woff?31690507 HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://www.nof-hashaked.co.il/wp-content/themes/betheme/css/be.css?ver=25.1.4
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Tue, 13 Sep 2022 19:15:59 GMT
content-type: font/woff
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 81448
date: Tue, 06 Sep 2022 19:15:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

s.w.org/images/core/emoji/14.0.0/svg/25aa.svg

192.0.77.48

200 OK

184 B

URL HTTP/2
s.w.org/images/core/emoji/14.0.0/svg/25aa.svg
IP
192.0.77.48:0
ASN
#2635 AUTOMATTIC

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
184 B (184 bytes)
Hash
60c5854fe77ca7a4946b7c801c559f4a
fbabe686740bbd875754b379a712e0591d5fa85c
0787cdb9b8f56c020d4220f5d93befe312ced253a3f6f96cb4fa47df56a2708d

HTTP Headers

GET /images/core/emoji/14.0.0/svg/25aa.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 19:15:59 GMT
content-type: image/svg+xml
content-length: 184
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/08/logo-slider.png

185.56.74.12

200 OK

61 kB

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/08/logo-slider.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 402 x 406, 8-bit/color RGBA, non-interlaced\012- data
Size
61 kB (60898 bytes)
Hash
aa1bf2fb3e1a29290725ce9f7f082838
3abd81ce364c0ad32102fe70e6a21550c23c8c0b
c82c1a0ae28789ba5241ccfb026d6118aad5cc967ac70c6e4df3cdd11a99cae0

HTTP Headers

GET /wp-content/uploads/2021/08/logo-slider.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444; _ga_6SJP05NXHF=GS1.1.1662491753.1.0.1662491753.0.0.0; _ga=GA1.1.224665137.1662491754; _gcl_au=1.1.1049090072.1662491754
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:59 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 60898
date: Tue, 06 Sep 2022 19:15:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js

142.250.74.163

200 OK

158 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (579)
Size
158 kB (158056 bytes)
Hash
d63a69f898e1d00cfc7c871744ded8c4
e166540eccb571c95c8c1135c2168cf5df306991
ed7892ca1498d6dfc0ff8b354ab8c409eed81b1fa77b427467815d0c7f45021c

HTTP Headers

GET /recaptcha/releases/duyHVVR9Brf6N2GewjkPRfsA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Origin: https://www.nof-hashaked.co.il
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 158056
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 21:31:14 GMT
expires: Sat, 02 Sep 2023 21:31:14 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:40:58 GMT
content-type: text/javascript
age: 337485
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
195accce5155b06c8155a77d9a93d052
5cda84923d0c591c65ba0f6f9b2d0975f5b23298
880b22b6e4fa06c20f09fa0e736386ffa6c62028bbd0b275ab5a0f8ee32c4941

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4518
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:59 GMT
Last-Modified: Tue, 06 Sep 2022 18:00:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Tue, 06 Sep 2022 18:41:12 GMT
expires: Tue, 06 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 2087
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (26737 bytes)
Hash
8e7e24fb3539746aa8b869558f589615
d8086d86bbd5cfacc3b6a5ef14aa917830e137dd
7304497ee417a664bdea67d7307ca36a36013556b927c3ea5bca6c04b66236ef

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9M973Cwyy5j0dkwOPO9X+pqgaoeNdjnnaL0F4ScfdfZTkQmRo0rxPREyH0JFakqKtNZkoMZw267AjYMcuDuwGg==
priority: u=3,i
content-length: 26737
x-fb-trip-id: 1904183273
date: Tue, 06 Sep 2022 19:15:59 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
195accce5155b06c8155a77d9a93d052
5cda84923d0c591c65ba0f6f9b2d0975f5b23298
880b22b6e4fa06c20f09fa0e736386ffa6c62028bbd0b275ab5a0f8ee32c4941

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4518
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:15:59 GMT
Last-Modified: Tue, 06 Sep 2022 18:00:41 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/assets/transparent.png

185.56.74.12

200 OK

122 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/plugins/revslider/public/assets/assets/transparent.png
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
PNG image data, 300 x 200, 1-bit grayscale, non-interlaced\012- data
Size
122 B (122 bytes)
Hash
86c58b484b48eac285e131e8b55d2ce7
3d3ee4c137a6f36e5fbee31e21a4d08f2c38d20e
9603ffeb6772f1cf745e0097d5d6c046eaf16151e5bc521f20764bba5ddb7713

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/assets/transparent.png HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444; _ga_6SJP05NXHF=GS1.1.1662491753.1.0.1662491753.0.0.0; _ga=GA1.1.224665137.1662491754; _gcl_au=1.1.1049090072.1662491754
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:59 GMT
content-type: image/png
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 122
date: Tue, 06 Sep 2022 19:15:59 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

googleads.g.doubleclick.net/pagead/viewthroughconversion/10831602145/?random=1662491754045&cv=9&fst=1662491754045&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4

142.250.74.98

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10831602145/?random=1662491754045&cv=9&fst=1662491754045&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2498), with no line terminators
Size
1.1 kB (1081 bytes)
Hash
ab5b802fc2d918390df25b0bfec7e77b
a39cc340c5b19e10d21ac042e1c281160365920e
dcd16495f28c14f071ba7b7edfbf23c333ab9d8b8f54866efa228d8ac827bd35

HTTP Headers

GET /pagead/viewthroughconversion/10831602145/?random=1662491754045&cv=9&fst=1662491754045&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 19:16:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1081
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 19:31:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/10831602145/?random=1662491754047&cv=9&fst=1662491754047&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4

142.250.74.98

200 OK

1.1 kB

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/10831602145/?random=1662491754047&cv=9&fst=1662491754047&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2498), with no line terminators
Size
1.1 kB (1079 bytes)
Hash
078049f20f8790717cffda2c7daf3606
bc6e6fdabc68aa78a33c594e7e656aeb13d639c9
8974cf398fad55050dc1481b5a5621ef4f65062daf92ac44d80ab6a95fcf6f19

HTTP Headers

GET /pagead/viewthroughconversion/10831602145/?random=1662491754047&cv=9&fst=1662491754047&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&auid=1049090072.1662491754&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 19:16:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1079
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 06-Sep-2022 19:31:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-content/uploads/2021/10/bg-top-2.jpg

185.56.74.12

200 OK

472 B

URL HTTP/2
www.nof-hashaked.co.il/wp-content/uploads/2021/10/bg-top-2.jpg
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
data
Size
472 B (472 bytes)
Hash
10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d

HTTP Headers

GET /wp-content/uploads/2021/10/bg-top-2.jpg HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: max-age=2628000, public
expires: Tue, 13 Sep 2022 19:15:58 GMT
content-type: image/jpeg
last-modified: Tue, 09 Nov 2021 09:01:58 GMT
accept-ranges: bytes
content-length: 152319
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
content-security-policy: report-uri https://www.nof-hashaked.co.il
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-6SJP05NXHF&gtm=2oe8v0&_p=323961385&cid=224665137.1662491754&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662491753&sct=1&seg=0&dl=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&dt=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-6SJP05NXHF&gtm=2oe8v0&_p=323961385&cid=224665137.1662491754&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662491753&sct=1&seg=0&dl=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&dt=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-6SJP05NXHF&gtm=2oe8v0&_p=323961385&cid=224665137.1662491754&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1662491753&sct=1&seg=0&dl=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&dt=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Origin: https://www.nof-hashaked.co.il
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.nof-hashaked.co.il
date: Tue, 06 Sep 2022 19:16:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/wp-admin/admin-ajax.php

185.56.74.12

200 OK

160 B

URL HTTP/2
www.nof-hashaked.co.il/wp-admin/admin-ajax.php
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type
JSON data\012- data
Size
160 B (160 bytes)
Hash
a03c6e68995d9b0edb98a499a004f000
40cfb90a04923119e6f2bebf2997a769bff83483
f79e23f525b8b7496b6ced92b1ffc550071ccf66ffeffb86399dfd24dd7c58dc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Origin: https://www.nof-hashaked.co.il
Content-Length: 74
Connection: keep-alive
Cookie: shield-notbot-nonce=e493a42444
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
content-security-policy: report-uri https://www.nof-hashaked.co.il
access-control-allow-origin: null
access-control-allow-credentials: true
x-robots-tag: noindex
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
set-cookie: shield-notbot-nonce=e493a42444; expires=Tue, 06-Sep-2022 19:16:14 GMT; Max-Age=15; path=/; secure
icwp-wpsf-notbot=1662492059z89923f67c30ab897d79236c564212adffbf9a655; expires=Tue, 06-Sep-2022 19:20:59 GMT; Max-Age=299; path=/; secure
content-type: application/json; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
date: Tue, 06 Sep 2022 19:16:00 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
expect-ct: max-age=7776000, enforce
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
x-permitted-cross-domain-policies: none
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f53ebd30fa3351f320ca2c8764734ff1
9205e35b1cef1602414af2350ba6205f4129234c
d486cc21bbc47eac5718644e1b280d12a5a4bc92ec97a0e88f184bf6422cb6f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f53ebd30fa3351f320ca2c8764734ff1
9205e35b1cef1602414af2350ba6205f4129234c
d486cc21bbc47eac5718644e1b280d12a5a4bc92ec97a0e88f184bf6422cb6f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/pagead/1p-user-list/10831602145/?random=1662491754045&cv=9&fst=1662490800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&async=1&fmt=3&is_vtc=1&random=2194055218&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/10831602145/?random=1662491754045&cv=9&fst=1662490800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&async=1&fmt=3&is_vtc=1&random=2194055218&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/10831602145/?random=1662491754045&cv=9&fst=1662490800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&async=1&fmt=3&is_vtc=1&random=2194055218&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 19:16:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-215931113-1&cid=224665137.1662491754&jid=1064896959&gjid=195790028&_gid=703663276.1662491754&_u=YADAAUAAAAAAAC~&z=1801749727

142.251.1.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-215931113-1&cid=224665137.1662491754&jid=1064896959&gjid=195790028&_gid=703663276.1662491754&_u=YADAAUAAAAAAAC~&z=1801749727
IP
142.251.1.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-215931113-1&cid=224665137.1662491754&jid=1064896959&gjid=195790028&_gid=703663276.1662491754&_u=YADAAUAAAAAAAC~&z=1801749727 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.nof-hashaked.co.il
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.nof-hashaked.co.il
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Sep 2022 19:16:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/pagead/1p-user-list/10831602145/?random=1662491754047&cv=9&fst=1662490800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&async=1&fmt=3&is_vtc=1&random=1839420551&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/pagead/1p-user-list/10831602145/?random=1662491754047&cv=9&fst=1662490800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&async=1&fmt=3&is_vtc=1&random=1839420551&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/10831602145/?random=1662491754047&cv=9&fst=1662490800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&tiba=%D7%A0%D7%95%D7%A3%20%D7%94%D7%A9%D7%A7%D7%93%20-%20%D7%91%D7%95%D7%97%D7%A8%D7%99%D7%9D%20%D7%9C%D7%92%D7%95%D7%A8%20%D7%A0%D7%9B%D7%95%D7%9F&async=1&fmt=3&is_vtc=1&random=1839420551&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 06 Sep 2022 19:16:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f53ebd30fa3351f320ca2c8764734ff1
9205e35b1cef1602414af2350ba6205f4129234c
d486cc21bbc47eac5718644e1b280d12a5a4bc92ec97a0e88f184bf6422cb6f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 19:16:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.facebook.com/tr/?id=272712101589909&ev=PageView&dl=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&rl=&if=false&ts=1662491754548&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.2.1662491754547.1592730740&it=1662491754127&coo=false&rqm=GET

31.13.72.36

200 OK

44 B

URL HTTP/2
www.facebook.com/tr/?id=272712101589909&ev=PageView&dl=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&rl=&if=false&ts=1662491754548&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.2.1662491754547.1592730740&it=1662491754127&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
44 B (44 bytes)
Hash
b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

HTTP Headers

GET /tr/?id=272712101589909&ev=PageView&dl=https%3A%2F%2Fwww.nof-hashaked.co.il%2F&rl=&if=false&ts=1662491754548&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.2.1662491754547.1592730740&it=1662491754127&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/gif
date: Tue, 06 Sep 2022 19:16:00 GMT
expires: Tue, 06 Sep 2022 19:16:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie: 
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7152 bytes)
Hash
8ce50dfa23e7f34ff68cc6426c2823f7
b1685694999272feb4d9fc39296418cd95480678
4df89827b1b34bb577f28f281ed85067a2e34dd48923b9bae1561e81f67be49b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdf271bbd-cebf-41d8-a0c3-8f16d4423a79.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 7152
x-amzn-requestid: 2571ff54-e2f8-4072-8a26-3d0dd4cd3523
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsfHz_IAMFaXQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-6a598849314cdc433f9f82f7;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XjbO8y9D7PhQcN0XaBkmhcjzWCMRczO80wxAJa4gUFQZPrS6eb3Z3A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:59 GMT
age: 77226
etag: "b1685694999272feb4d9fc39296418cd95480678"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:400%7CAssistant:600&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:400%7CAssistant:600&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:400%7CAssistant:600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nof-hashaked.co.il/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 19:15:58 GMT
date: Tue, 06 Sep 2022 19:15:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.nof-hashaked.co.il/

185.56.74.12

200 OK

0 B

URL HTTP/2
www.nof-hashaked.co.il/
IP
185.56.74.12:0
ASN
#201660 Jetserver Ltd

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.nof-hashaked.co.il
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
set-cookie: shield-notbot-nonce=e493a42444; expires=Tue, 06-Sep-2022 19:16:12 GMT; Max-Age=15; path=/; secure
content-type: text/html; charset=UTF-8
x-xss-protection: 1; mode=block
expect-ct: max-age=7776000, enforce
access-control-allow-origin: null
access-control-allow-methods: GET,PUT,POST,DELETE
access-control-allow-headers: Content-Type, Authorization
x-content-security-policy: img-src *; media-src * data:;
x-content-type-options: nosniff
content-security-policy: report-uri https://www.nof-hashaked.co.il
referrer-policy: strict-origin-when-cross-origin
cross-origin-embedder-policy-report-only: unsafe-none; report-to="default"
cross-origin-embedder-policy: unsafe-none; report-to="default"
cross-origin-opener-policy-report-only: same-origin; report-to="default"
cross-origin-opener-policy: same-origin; report-to="default"
cross-origin-resource-policy: cross-origin
x-frame-options: SAMEORIGIN
permissions-policy: geolocation=(self), microphone=(), accelerometer=(), gyroscope=(), magnetometer=()
feature-policy: display-capture 'self'
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=63072000; includeSubDomains; preload
link: <https://www.nof-hashaked.co.il/wp-json/>; rel="https://api.w.org/", <https://www.nof-hashaked.co.il/wp-json/wp/v2/pages/185>; rel="alternate"; type="application/json", <https://www.nof-hashaked.co.il/>; rel=shortlink
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 19:15:58 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (56)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP