Submitted URL: https://links.responder.co.il/?k=64347a7553ab22f410fa517e96fd55ba&lid=24598027&sid=481101951
Effective URL: https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Submission: On December 01 via manual from DE — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 15 HTTP transactions. The main IP is 149.126.77.102, located in Frankfurt am Main, Germany and belongs to INCAPSULA, US. The main domain is maya-nisan.ravpage.co.il.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on November 15th 2021. Valid for: 6 months.
This is the only time maya-nisan.ravpage.co.il was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.213.215.123 16509 (AMAZON-02)
1 149.126.77.102 19551 (INCAPSULA)
4 149.126.77.134 19551 (INCAPSULA)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
15 6
Domain Requested by
3 js.nagich.co.il maya-nisan.ravpage.co.il
js.nagich.co.il
3 www.google-analytics.com maya-nisan.ravpage.co.il
www.google-analytics.com
2 connect.facebook.net maya-nisan.ravpage.co.il
connect.facebook.net
2 www.youtube.com maya-nisan.ravpage.co.il
www.youtube.com
1 simagescdn2.ravpages.co.il css.ravpages.co.il
1 resourcescdn2.ravpages.co.il css.ravpages.co.il
1 css.ravpages.co.il maya-nisan.ravpage.co.il
1 js.ravpages.co.il maya-nisan.ravpage.co.il
1 maya-nisan.ravpage.co.il
1 links.responder.co.il 1 redirects
15 10

This site contains links to these domains.

Domain
forms.gle
www.responder.co.il
Subject | Issuer | Validity | Valid
imperva.com | GlobalSign Atlas R3 DV TLS CA H2 2021 | 2021-11-15 - 2022-05-17 | 6 months
*.google.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-01 - 2022-01-24 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2021-09-09 - 2021-12-08 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-06-11 - 2022-06-10 | a year

This page contains 1 frames:

Primary Page: https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Frame ID: 207FB20FF91DDB8C5DF8AF43A73D3C1F
Requests: 15 HTTP requests in this frame

Page Title

תסמונת השחר (Dawn Phenomenon)

Page Statistics

15 Requests
100 % HTTPS
57 % IPv6
7 Domains
10 Subdomains
6 IPs
3 Countries
463 kB Transfer
1357 kB Size
7 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://links.responder.co.il/?k=64347a7553ab22f410fa517e96fd55ba&lid=24598027&sid=481101951 HTTP 302
    https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Dawn%20Phenomenon
maya-nisan.ravpage.co.il/
Redirect Chain
  • https://links.responder.co.il/?k=64347a7553ab22f410fa517e96fd55ba&lid=24598027&sid=481101951
  • https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
34 KB
7 KB
Document
General
Full URL
https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.102 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.102.ip.incapdns.net
Software
Apache/2.4.41 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1f /
Resource Hash
91c19111110eeb60a848c0e4a520c7eff4a19c0be104b3b8468c1ed028d68c0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 01 Dec 2021 13:01:43 GMT
server
Apache/2.4.41 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1f
cache-control
max-age=0, must-revalidate, public
last-modified
Thu, 14 Oct 2021 06:18:55 GMT
etag
lcts=1638291135&__rxc__=1532355884&force_timestamp=1522256570_6e18d99137408a7b8f522f61ac431c7e
vary
Accept-Encoding
content-encoding
gzip
content-length
6843
content-type
text/html; charset=UTF-8
x-cdn
Imperva
x-iinfo
1003-104978004-104978005 NNNN CT(37 37 0) RT(1638363702832 0) q(0 0 1 0) r(1 1) U5

Redirect headers

Content-Type
text/html
Date
Wed, 01 Dec 2021 13:01:42 GMT
Location
https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Server
Apache/2.4.7 (Ubuntu)
X-Powered-By
PHP/5.5.9-1ubuntu4.29
Content-Length
0
Connection
keep-alive
xsites__output__4395ab6b0ca612db4ebd6c4dc4fc680a_433d4e56f37a71ca02a3f2a4afa0191e_1633671069.js
js.ravpages.co.il/xsite_resources/js/static/cached/xsites/output/102021/
417 KB
96 KB
Script
General
Full URL
https://js.ravpages.co.il/xsite_resources/js/static/cached/xsites/output/102021/xsites__output__4395ab6b0ca612db4ebd6c4dc4fc680a_433d4e56f37a71ca02a3f2a4afa0191e_1633671069.js?rxc=1532355884
Requested by
Host: maya-nisan.ravpage.co.il
URL: https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.134 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.134.ip.incapdns.net
Software
/
Resource Hash
4f284fa4d947f2decf30aa3670d200464a86f8295db6c54946f7d9cc0125eddb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maya-nisan.ravpage.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 13:01:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 19:53:14 GMT
X-CDN
Imperva
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/javascript
Access-Control-Allow-Origin
*
X-Iinfo
12-257075893-0 0CNN RT(1638363702780 12) q(0 -1 -1 0) r(0 -1)
Cache-Control
max-age=60480000, public
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
97013
Expires
Wed, 01 Nov 2023 13:01:42 GMT
xsites__output__7853a2a26a961f39844327cce9d0ae0c_d751713988987e9331980363e24189ce_1633671069_secure.css
css.ravpages.co.il/xsite_resources/js/static/cached/xsites/output/102021/
147 KB
17 KB
Stylesheet
General
Full URL
https://css.ravpages.co.il/xsite_resources/js/static/cached/xsites/output/102021/xsites__output__7853a2a26a961f39844327cce9d0ae0c_d751713988987e9331980363e24189ce_1633671069_secure.css?cc=8&webp&rxc=1532355884
Requested by
Host: maya-nisan.ravpage.co.il
URL: https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.134 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.134.ip.incapdns.net
Software
/
Resource Hash
42957a70f70db9a829867b653f2c5886212a90172d9f58611a1fe0bff936eec2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maya-nisan.ravpage.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 13:01:42 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Nov 2021 11:12:23 GMT
X-CDN
Imperva
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
text/css;charset=UTF-8
Access-Control-Allow-Origin
*
X-Iinfo
12-257075892-257073045 2CNN RT(1638363702779 10) q(0 0 0 0) r(0 0) U18
Cache-Control
max-age=60480000, public
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
16940
Expires
Wed, 01 Nov 2023 13:01:42 GMT
iframe_api
www.youtube.com/
980 B
1 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: maya-nisan.ravpage.co.il
URL: https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31d6060a5464abf6ac8703dd385b044c553e59ae032ee50a0ea0bbae193238e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maya-nisan.ravpage.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 13:01:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdexiF0ssZ_nH8Dr-M3QgbdVRvO77RECMA"
expires
Wed, 01 Dec 2021 13:01:43 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: maya-nisan.ravpage.co.il
URL: https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maya-nisan.ravpage.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
36
date
Wed, 01 Dec 2021 13:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 01 Dec 2021 15:01:07 GMT
assistant-v1-latin_hebrew-regular.woff2
resourcescdn2.ravpages.co.il/xsite_resources/fonts/google-fonts/assistant/
19 KB
20 KB
Font
General
Full URL
https://resourcescdn2.ravpages.co.il/xsite_resources/fonts/google-fonts/assistant/assistant-v1-latin_hebrew-regular.woff2?rxc=1532355884
Requested by
Host: css.ravpages.co.il
URL: https://css.ravpages.co.il/xsite_resources/js/static/cached/xsites/output/102021/xsites__output__7853a2a26a961f39844327cce9d0ae0c_d751713988987e9331980363e24189ce_1633671069_secure.css?cc=8&webp&rxc=1532355884
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.134 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.134.ip.incapdns.net
Software
/
Resource Hash
3ccce96c6c03f7bb4143e662070bee6ecb4a57326205c1b72a330cff5159bb75

Request headers

Referer
https://css.ravpages.co.il/
Origin
https://maya-nisan.ravpage.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 13:01:42 GMT
Last-Modified
Tue, 21 Sep 2021 16:53:10 GMT
X-CDN
Imperva
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/octet-stream; charset=binary
Access-Control-Allow-Origin
*
X-Iinfo
9-80166584-0 0CNN RT(1638363702888 11) q(0 -1 -1 6) r(1 -1)
Cache-Control
max-age=60480000, public
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
19676
Expires
Wed, 01 Nov 2023 13:01:42 GMT
Roboto-Light.woff
simagescdn2.ravpages.co.il/xsite_resources/fonts/dada-fonts/
120 KB
120 KB
Font
General
Full URL
https://simagescdn2.ravpages.co.il/xsite_resources/fonts/dada-fonts/Roboto-Light.woff?rxc=1532355884
Requested by
Host: css.ravpages.co.il
URL: https://css.ravpages.co.il/xsite_resources/js/static/cached/xsites/output/102021/xsites__output__7853a2a26a961f39844327cce9d0ae0c_d751713988987e9331980363e24189ce_1633671069_secure.css?cc=8&webp&rxc=1532355884
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
149.126.77.134 Frankfurt am Main, Germany, ASN19551 (INCAPSULA, US),
Reverse DNS
149.126.77.134.ip.incapdns.net
Software
/
Resource Hash
ac11e0faa99228dfcec2d11f40c61eaa74d867f7d57fc4697a18438d1b5fa577

Request headers

Referer
https://css.ravpages.co.il/
Origin
https://maya-nisan.ravpage.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 13:01:42 GMT
Last-Modified
Tue, 21 Sep 2021 16:53:10 GMT
X-CDN
Imperva
Access-Control-Allow-Methods
POST, GET, OPTIONS, DELETE, PUT
Content-Type
application/octet-stream; charset=binary
Access-Control-Allow-Origin
*
X-Iinfo
13-325339924-0 0CNN RT(1638363702895 10) q(0 -1 -1 1) r(0 -1)
Cache-Control
max-age=60480000, public
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Content-Length
122568
Expires
Wed, 01 Nov 2023 13:01:42 GMT
sdk.js
connect.facebook.net/he_IL/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/he_IL/sdk.js
Requested by
Host: maya-nisan.ravpage.co.il
URL: https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
33c9c91daf6e6eb2ccd3bff4b3c52455b215d8d841810210dff5bc89b4bea731
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maya-nisan.ravpage.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
jDIJWOsCggyWUrKNWQy8EA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 01 Dec 2021 13:14:24 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
hJJ/WcwS9uwfHiGyc23aOJ/nYHoIiLUp98rVZjcVMLwDoV6303udt/yUYE/C/jBl3AKME7NQuG0OLHFiLXsJAQ==
x-fb-trip-id
2050670934
x-fb-content-md5
2f34967b80bede3ac1c42ae2136c55cd
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 01 Dec 2021 13:01:43 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"df4fc1536264f398b30ef3f8fe4cd157"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
accessibility.js
js.nagich.co.il/
123 KB
44 KB
Script
General
Full URL
https://js.nagich.co.il/accessibility.js
Requested by
Host: maya-nisan.ravpage.co.il
URL: https://maya-nisan.ravpage.co.il/Dawn%20Phenomenon
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3cff1171b510ec120be695169a69bab4342e83e784926eaaf9b472e2ebd743ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maya-nisan.ravpage.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 13:01:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
84664
x-powered-by
ASP.NET
access-control-allow-methods
GET
last-modified
Tue, 27 Oct 2020 09:55:41 GMT
server
cloudflare
etag
W/"80cc3d5447acd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HfptKLZ6y%2BgIxdqr%2FrMdIj04nOnnZ%2FRuyYHTsOkaUxMmx1UVmW9uCU1TXPfmeDdrYnPBnI5Rsz4PfkLBji%2FwDSxblWC9Fo72abkmRMn4h64JY1%2BMSLO0pE4F1XM7s9FrKQCEJs0apBB5DZgnGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2604800
access-control-allow-credentials
true
cf-ray
6b6c817a48aad6d5-FRA
collect
www.google-analytics.com/j/
2 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=701448415&t=pageview&_s=1&dl=https%3A%2F%2Fravpage.co.il%2Fv1%2Ff0c8e182be5e54864f7ab98b0a9131b960AA5A88%2Fmaya-nisan.ravpage.co.il%2FDawn%252520Phenomenon&ul=en-us&de=UTF-8&dt=maya-nisan.ravpage.co.il%2FDawn%252520Phenomenon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=442340137&gjid=511223388&cid=1704792508.1638363703&tid=UA-110933292-25&_gid=603590812.1638363703&_r=1&_slc=1&z=1773367802
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://maya-nisan.ravpage.co.il/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 01 Dec 2021 13:01:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://maya-nisan.ravpage.co.il
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/3ce4f9b8/www-widgetapi.vflset/
147 KB
48 KB
Script
General
Full URL
https://www.youtube.com/s/player/3ce4f9b8/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a499c62bd4a1555dc2be24483a7de1cb92605c2dee544ce0435a7add53b52c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maya-nisan.ravpage.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 12:16:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
2709
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49040
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 01:17:55 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 01 Dec 2022 12:16:34 GMT
sdk.js
connect.facebook.net/he_IL/
285 KB
81 KB
Script
General
Full URL
https://connect.facebook.net/he_IL/sdk.js?hash=e159141827068e05b7f462a460115bc6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/he_IL/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56914f258f5032971ff400cbbe2c264f5b0b933390b3273600151de51cdcd8ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://maya-nisan.ravpage.co.il/
Origin
https://maya-nisan.ravpage.co.il
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
n+4jT52FGeCAZ8kIs7uGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Thu, 01 Dec 2022 11:54:24 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82929
x-fb-rlafr
0
x-fb-debug
w58WMFyV6McmwkOJdFnAZD11NAjTjwg+hUhomr3aSzCgoN7cZCsRzWHHuwVDd3230SOYbngyvckCyJUNoGzJgw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
86b57232ab29c7bb251c79dcf018bb63
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Dec 2021 13:01:43 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"0130cbb40da01b4708abf82cdcc496ec"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
default.css
js.nagich.co.il//style/
11 KB
3 KB
XHR
General
Full URL
https://js.nagich.co.il//style/default.css
Requested by
Host: js.nagich.co.il
URL: https://js.nagich.co.il/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
116ec5c6f82674cd1b04981d3ec325c8620ffbb413f06bd1b0cb911e99ddcc73

Request headers

Accept
*/*
Referer
https://maya-nisan.ravpage.co.il/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 13:01:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76725
x-powered-by
ASP.NET
access-control-allow-methods
GET
last-modified
Sun, 09 May 2021 14:33:43 GMT
server
cloudflare
etag
W/"807da04fe044d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ph6k6uuh9Ux8KKj9Erxg%2F6%2BBl44TURvlf9%2F93umI8ThdhxvEMbDWmMtjwIyZB2mL1n0n3OuPIDyT2hpX6376GjLSOYNphljWDvLIB1qM2DASf5sayB8PflglyVyBY3Jbv3gmEvD1Pd65ELXG%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2604800
access-control-allow-credentials
true
cf-ray
6b6c817b0ea24e74-FRA
btncolor.css
js.nagich.co.il//style/
103 B
422 B
XHR
General
Full URL
https://js.nagich.co.il//style/btncolor.css
Requested by
Host: js.nagich.co.il
URL: https://js.nagich.co.il/accessibility.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:314 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
442db94f47e657604fde817ff431f353d5ae4994e08a59496ce8fed479362119

Request headers

Accept
*/*
Referer
https://maya-nisan.ravpage.co.il/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 13:01:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
76725
x-powered-by
ASP.NET
access-control-allow-methods
GET
last-modified
Mon, 11 Feb 2019 10:07:59 GMT
server
cloudflare
etag
W/"e97d81aaf1c1d41:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=91mFF%2FO%2F4imIvhLYzTOpNjAAmHUwJ7b5tinyWx3f16EDbXT7ssUqPkyQPyX1MwMY2vDQRCFf68x41RokQ0tfRxR%2Flv69JrNeDUDKssKyUjUVRWB9wD4A1n%2BGn%2F62ckDAXzniUyR3QRQfKnPMOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2604800
access-control-allow-credentials
true
cf-ray
6b6c817b1ea54e74-FRA
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=701448415&t=timing&_s=2&dl=https%3A%2F%2Fravpage.co.il%2Fv1%2Ff0c8e182be5e54864f7ab98b0a9131b960AA5A88%2Fmaya-nisan.ravpage.co.il%2FDawn%252520Phenomenon&ul=en-us&de=UTF-8&dt=maya-nisan.ravpage.co.il%2FDawn%252520Phenomenon&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=700&pdt=2&dns=26&rrt=204&srt=126&tcp=46&dit=580&clt=580&_gst=548&_gbt=592&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=1704792508.1638363703&tid=UA-110933292-25&_gid=603590812.1638363703&z=1368157223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://maya-nisan.ravpage.co.il/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Nov 2021 21:03:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57508
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| realbeginning object| __ravpageContext string| cookiesStr string| publicID string| tabtype string| analyticsTrackingID string| pageURL string| uniqueID string| displayMode object| begin_wrapper_1 object| begin_1 undefined| ravXXX_jquery_backup undefined| $ undefined| jQuery function| md5 function| fbAsyncInit function| onYouTubeIframeAPIReady object| urlParams object| match object| pl object| search function| decode string| query function| ga object| script object| interdeal object| ravxxGAEvents function| ravxxGAEvent function| ravxxGAEventPublic function| ravxx$ function| ravxxAnalyticsOutboundURL object| jQuery1124038271731950498356 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| FB object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions function| $IND

7 Cookies

Domain/Path Name / Value
.maya-nisan.ravpage.co.il/Dawn%20Phenomenon Name: _ga
Value: GA1.4-2.1704792508.1638363703
.maya-nisan.ravpage.co.il/Dawn%20Phenomenon Name: _gid
Value: GA1.4-2.603590812.1638363703
.maya-nisan.ravpage.co.il/Dawn%20Phenomenon Name: _gat_ravmesser_landingpages
Value: 1
maya-nisan.ravpage.co.il/ Name: RAVXX_LP_UID
Value: 6e18d99137408a7b8f522f61ac431c7e_65297_133619488_1638363703.1745
maya-nisan.ravpage.co.il/ Name: RAVXX_LP_SS
Value: 6bc8e2db95b41b3bc7ef076e2e807f4e
.youtube.com/ Name: YSC
Value: XjqMVmUFcgA
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: q3qxSnX0A9M

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
