Security Report Summary
D
| Site: | https://www.bankjerusalem.co.il/ | ||
|---|---|---|---|
| IP Address: | 176.100.166.89 | ||
| Report Time: | 07 Jul 2026 16:51:26 UTC | ||
| Headers: |
|
||
| Advanced: |
|
Missing Headers
| Content-Security-Policy | Content Security Policy is an effective measure to protect your site from XSS attacks. By whitelisting sources of approved content, you can prevent the browser from loading malicious assets. |
|---|---|
| X-Content-Type-Options | X-Content-Type-Options stops a browser from trying to MIME-sniff the content type and forces it to stick with the declared content-type. The only valid value for this header is "X-Content-Type-Options: nosniff". |
| Referrer-Policy | Referrer Policy is a new header that allows a site to control how much information the browser includes with navigations away from a document and should be set by all sites. |
| Permissions-Policy | Permissions Policy is a new header that allows a site to control which features and APIs can be used in the browser. |
Raw Headers
| HTTP/1.1 | 200 OK |
|---|---|
| Content-Type | text/html; charset=utf-8 |
| Transfer-Encoding | chunked |
| Connection | keep-alive |
| Set-Cookie | __uzma=b4049509-8bb0-43bc-afdf-954e6343346e; HttpOnly; path=/; Expires=Tue, 05-Jan-27 16:51:25 GMT; Max-Age=15724800; SameSite=Lax |
| Set-Cookie | __uzmb=1783443085; HttpOnly; path=/; Expires=Tue, 05-Jan-27 16:51:25 GMT; Max-Age=15724800; SameSite=Lax |
| Set-Cookie | __uzme=0143; HttpOnly; path=/; Expires=Tue, 05-Jan-27 16:51:25 GMT; Max-Age=15724800; SameSite=Lax |
| Set-Cookie | __uzmc=641831066226; HttpOnly; path=/; Expires=Tue, 05-Jan-27 16:51:25 GMT; Max-Age=15724800; SameSite=Lax |
| Set-Cookie | __uzmd=1783443085; HttpOnly; path=/; Expires=Tue, 05-Jan-27 16:51:25 GMT; Max-Age=15724800; SameSite=Lax |
| Set-Cookie | __uzmf=7f9000b4049509-8bb0-43bc-afdf-954e6343346e1-17834430859440-004fe57d28a91c7760f10; HttpOnly; path=/; Expires=Tue, 05-Jan-27 16:51:25 GMT; Max-Age=15724800; SameSite=Lax |
| Set-Cookie | uzmx=7f9000b0675a22-0890-429c-9eb6-b21b8857ea731-17834430859440-a1cdce317f78533410; Domain=.bankjerusalem.co.il; HttpOnly; path=/; Expires=Tue, 05-Jan-27 16:51:25 GMT; Max-Age=15724800; SameSite=Lax |
| Cache-Control | max-age=0, no-cache, no-store |
| X-Frame-Options | sameorigin |
| Date | Tue, 07 Jul 2026 16:51:25 GMT |
| Set-Cookie | AWS=rd1o00000000000000000000ffff0a320818o443; expires=Tue, 07-Jul-2026 19:51:28 GMT; path=/; Httponly; Secure |
| Set-Cookie | TS0192bae2=01f303b1aaa8212ad1fd38a8de4cf50acfe83bc577172b2b989aab92fccb27f681bea955744e9c7d7bd214ad2c8dbc1d1f04f583a123811cdbd329c270b99f5f6274510b20; Path=/; Domain=.www.bankjerusalem.co.il |
| Pragma | no-cache |
| Set-Cookie | lLEHd=0839133988ab280083563d3ef35e5b3de3f67bdb811133160f173579e9857d2e4b28ba613750aece5c8dc507612006a1; Path=/; Expires=Wed, 08 Jul 2026 16:51:28 GMT |
| Set-Cookie | WyJ3LZJS=08b30e08980a100043c6c5266b0afeceaef243908f80089b; Path=/; Expires=Wed, 08 Jul 2026 16:51:28 GMT; HttpOnly |
| Set-Cookie | GOX3GQ=08b30e0898063000a81b651483b3503bf71dc953c5151c2c025cffa566321e892e3653e50438df05eab6845980ec33eb8c34e735b4f945c5; Path=/; Expires=Wed, 08 Jul 2026 16:51:28 GMT; HttpOnly |
| Set-Cookie | FrwvB6=08b30e08980d180028762be9a8cdeac08218c66a425a1df3dedd8c21235896d2; Path=/; Expires=Wed, 08 Jul 2026 16:51:28 GMT |
| Set-Cookie | 2rH0gT=08b30e0898021000e1cd3a2e6334b59515d4b0616d658c6a; Path=/ |
| Set-Cookie | GQNCPH=08b30e08980518009983d805a9de8d80b0f04f46e251d478f62abe6f29dd9aa3; Path=/ |
| Set-Cookie | irNxCcQ=08b30e089810300083f7f8586cde91c7ee446be9aba7a419f7913616d1646f55e387a1c826c3de317a17685b5aecaf7f246780520ce56ee2; Path=/; Expires=Wed, 08 Jul 2026 16:51:28 GMT |
| Set-Cookie | TSea60b24d027=086229b7b6ab2000039be8abc3162b407428c27c3e9a6baafb1defc7f39c90c79004009b7152e79b085afcc19911300025a62d984cfb0c6e1b274df80039688ecbd33209d445968038b49a30bbbfa33853229ef50714ea174687770117c79f2d; Path=/ |
| rdwr_response | allowed |
| Strict-Transport-Security | max-age=31536000 |
| Content-Encoding | gzip |
Upcoming Headers
| Cross-Origin-Embedder-Policy | Cross-Origin Embedder Policy allows a site to prevent assets being loaded that do not grant permission to load them via CORS or CORP. |
|---|---|
| Cross-Origin-Opener-Policy | Cross-Origin Opener Policy allows a site to opt-in to Cross-Origin Isolation in the browser. |
| Cross-Origin-Resource-Policy | Cross-Origin Resource Policy allows a resource owner to specify who can load the resource. |
Additional Information
| X-Frame-Options | X-Frame-Options tells the browser whether you want to allow your site to be framed or not. By preventing a browser from framing your site you can defend against attacks like clickjacking. |
|---|---|
| Strict-Transport-Security | HTTP Strict Transport Security is an excellent feature to support on your site and strengthens your implementation of TLS by getting the User Agent to enforce the use of HTTPS. |