bankayma.org Open in urlscan Pro
2a01:7e01::f03c:92ff:fe72:776e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bankayma.org/
Submission: On January 20 via automatic, source certstream-suspicious (January 20th 2023, 4:10:44 pm UTC) — Scanned from DE

Summary HTTP 14 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2a01:7e01::f03c:92ff:fe72:776e, located in Frankfurt am Main, Germany and belongs to AKAMAI-AP Akamai Technologies, Inc., SG. The main domain is bankayma.org.
TLS certificate: Issued by R3 on January 20th 2023. Valid for: 3 months.

This is the only time bankayma.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a01:7e01::f0... 2a01:7e01::f03c:92ff:fe72:776e	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
9	2600:9000:214... 2600:9000:214f:e200:e:913c:1540:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
14	4

2 2a01:7e01::f03c:92ff:fe72:776e (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)

bankayma.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:214f:e200:e:913c:1540:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.myofficeguy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	myofficeguy.com www.myofficeguy.com	444 KB
2	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2273	4 KB
2	bankayma.org bankayma.org	16 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	56 KB
14	4

	Domain	Requested by
9	www.myofficeguy.com	bankayma.org www.myofficeguy.com
2	www.paypalobjects.com	bankayma.org
2	bankayma.org	bankayma.org
1	www.googletagmanager.com	www.myofficeguy.com
14	4

This site contains links to these domains. Also see Links.

Domain
www.myofficeguy.com
www.paypal.me
docs.google.com

Subject Issuer	Validity	Valid
bankayma.org R3	`2023-01-20` - `2023-04-20`	3 months	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
cap.co.il Amazon	`2022-02-22` - `2023-03-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://bankayma.org/
Frame ID: 6911F76B013EFC484B50C52FA11CCD63
Requests: 4 HTTP requests in this frame

Frame: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Frame ID: BC9145A270A2940B4DC156347F8C3BF9
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BANKayma / Sustain-a-bank: בנקיימא - שותפות משאבים וגורל

Detected technologies

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick
paypalobjects\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

14
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

519 kB
Transfer

1539 kB
Size

0
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Title: **--לינק להצטרפות, ייפתח בחלון חדש--**

Search URL Search Domain Scan URL

URL: https://www.myofficeguy.com/p/7kl4r/7kktl/7piun/payment/
Title: לתרומה חד-פעמית

Search URL Search Domain Scan URL

URL: https://www.paypal.me/BarKayma
Title: For payment/donation via Paypal: paypal.me/BarKayma

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/1rD541QFi_QeAh7rL5aBtqDxBvOcFpgoxfk4OqjcbWSE/viewform
Title: להגשת דרישת תשלום

Search URL Search Domain Scan URL

URL: https://docs.google.com/forms/d/e/1FAIpQLSeiwSi5gl_E-cNoskf7OwHivXct14K0SniclgiV7PMJV1Q_cQ/viewform
Title: +

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bankayma.org/ 4 KB
5 KB 29ms
8ms Document
text/html 2a01:7e01::f03c:92ff:fe72:776e
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to

Full URL

https://bankayma.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:7e01::f03c:92ff:fe72:776e Frankfurt am Main, Germany, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

nginx /

Resource Hash

88193fd97975f9ddc4b9cb9c97da71f724c73e7026da9558a276141123d1c53a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 4567
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Fri, 20 Jan 2023 16:10:39 GMT
etag: "63c94153-11d7"
last-modified: Thu, 19 Jan 2023 13:10:43 GMT
permissions-policy: interest-cohort=()
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-sso-wat: You've just been SSOed
x-xss-protection: 1; mode=block

GET
H2 200 bankayma-logo-400x160.png
bankayma.org/ 11 KB
11 KB 9ms
9ms Image
image/png 2a01:7e01::f03c:92ff:fe72:776e
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bankayma.org/bankayma-logo-400x160.png

Requested by

Host: bankayma.org
URL: https://bankayma.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a01:7e01::f03c:92ff:fe72:776e Frankfurt am Main, Germany, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),

Reverse DNS

Software

nginx /

Resource Hash

d3cd5156d5169c78a220376f2219d21246d12815fffc4da6267944529fa6f817

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankayma.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 16:10:39 GMT
content-security-policy: upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
content-length: 10805
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Jan 2023 13:10:44 GMT
server: nginx
etag: "63c94154-2a35"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: image/png
permissions-policy: interest-cohort=()
x-sso-wat: You've just been SSOed
accept-ranges: bytes

GET
H2 200 btn_subscribeCC_LG.gif
www.paypalobjects.com/en_US/IL/i/btn/ 3 KB
3 KB 39ms
11ms Image
image/gif 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/IL/i/btn/btn_subscribeCC_LG.gif

Requested by

Host: bankayma.org
URL: https://bankayma.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34a27faffa4e617a664611845efb5c4ba317c1714954511bb34d51822799b780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankayma.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 16:10:39 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=2937 idim=130x47 ifmt=gif ofsz=2936 odim=130x47 ofmt=gif
paypal-debug-id: 7b44f0e5d35e9
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 2936
x-served-by: cache-sjc10029-SJC, cache-hhn-etou8220072-HHN
traceparent: 00-00000000000000000007b44f0e5d35e9-91ec1d87f31e9776-01
x-timer: S1674231040.862055,VS0,VE2
etag: "Rfg+I30zUjKp5e/4OkFG5Jjg5zBHJ32BP1D0Tpor1QI"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 267, 1

GET
H2 200 pixel.gif
www.paypalobjects.com/en_US/i/scr/ 42 B
515 B 21ms
9ms Image
image/gif 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/en_US/i/scr/pixel.gif

Requested by

Host: bankayma.org
URL: https://bankayma.org/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bankayma.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 16:10:39 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=43 idim=1x1 ifmt=gif ofsz=42 odim=1x1 ofmt=gif
paypal-debug-id: 49e36fd282d15
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 42
x-served-by: cache-sjc10078-SJC, cache-hhn-etou8220072-HHN
x-timer: S1674231040.860981,VS0,VE1
etag: "dNSbNMYiK1Q98dwxkre+GOK5+qX2pefyT9A/BaBsoeM"
content-type: image/gif
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 15043, 100385

GET
H2 200 / Show response
www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/ Frame BC91 15 KB
5 KB 874ms
740ms Document
text/html 2600:9000:214f:e200:e:913c:1540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Requested by: Host: bankayma.org
URL: https://bankayma.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:e:913c:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 6af663f298d0cbde6653dd4e0cb4850191b21e82efc571efcaf70765792ef6d8

Request headers

Referer: https://bankayma.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store,no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 20 Jan 2023 16:10:40 GMT
pragma: no-cache
vary: Accept-Encoding
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-id: VcnVov-sQ0g2VsPG3JI8PipVqAitLEM7S-Qaf-xdsj4Fe3xtYCY3Uw==
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront

GET
H2 200 white.css
www.myofficeguy.com/content/ Frame BC91 349 KB
43 KB 15ms
14ms Stylesheet
text/css 2600:9000:214f:e200:e:913c:1540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myofficeguy.com/content/white.css?63809765566
Requested by: Host: www.myofficeguy.com
URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:e:913c:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1c836abeef5e94d648156e38337f6c763c6f8d8cedb38d5d416939bc8365ae81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 05:20:17 GMT
content-encoding: br
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 21:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 39024
etag: W/"c22bbd95328141aefd61b8f0860466e3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000,public
x-amz-cf-id: tobCjBw0Ttxyl0M59WSqDkVaur81BPRX12wBObSBA6JyIGa91xXwTQ==

GET
H2 200 arimo_fallback.woff2
www.myofficeguy.com/content/font/ Frame BC91 172 KB
173 KB 12ms
11ms Font
font/woff2 2600:9000:214f:e200:e:913c:1540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myofficeguy.com/content/font/arimo_fallback.woff2
Requested by: Host: www.myofficeguy.com
URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:e:913c:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1498e53508ecda4762e576b30bf1ec5db38a3e3838b06310ee98c55668a98b9

Request headers

Referer: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Origin: https://www.myofficeguy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 23:16:35 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified: Thu, 22 Sep 2022 20:49:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 10083246
etag: "80509440fd49be323dfcf50a4e357326"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 176528
x-amz-cf-id: d8e3wIUqGmnJoJY-0Frm1KukAt4MD8GuaaIOUdZ5Qgx02Es8oqldYg==

GET
H2 200 arimo_latin.woff2
www.myofficeguy.com/content/font/ Frame BC91 24 KB
25 KB 12ms
11ms Font
font/woff2 2600:9000:214f:e200:e:913c:1540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myofficeguy.com/content/font/arimo_latin.woff2
Requested by: Host: www.myofficeguy.com
URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:e:913c:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 388de8dd4383cd9e3ac1806712ba6246add72eaa79137ae9f8ed7d5021630395

Request headers

Referer: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Origin: https://www.myofficeguy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:30:01 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified: Sun, 21 Aug 2022 05:37:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 12987640
etag: "610461ca1d5e595d23703c8cc3cf32b6"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 24732
x-amz-cf-id: u0DKjzhy-Qg1wh3f-wRcEvRirO_BuCUt6OKzfvewXF07wlzPABd1sQ==

GET
H2 200 fontello.woff2
www.myofficeguy.com/content/font/ Frame BC91 27 KB
28 KB 11ms
10ms Font
font/woff2 2600:9000:214f:e200:e:913c:1540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myofficeguy.com/content/font/fontello.woff2?16488301
Requested by: Host: www.myofficeguy.com
URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:e:913c:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 930e0b448ba3e7182672a083591e9e1f7e6e1c06245159262332b2a3e6f70ee0

Request headers

Referer: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Origin: https://www.myofficeguy.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 19:37:15 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified: Tue, 23 Aug 2022 20:10:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 12774806
etag: "cfe70473fb340508b503c86ccc98f3e0"
x-cache: Hit from cloudfront
content-type: font/woff2
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 27896
x-amz-cf-id: LHHMIa0PMkKrUfKJFSuoDjDcDdiB7_vXHBYmWFDToBzP8K9MvbPlxw==

GET
H2 200 og-external.js Show response
www.myofficeguy.com/scripts/ Frame BC91 146 KB
48 KB 32ms
32ms Script
text/javascript 2600:9000:214f:e200:e:913c:1540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myofficeguy.com/scripts/og-external.js?63809765566
Requested by: Host: www.myofficeguy.com
URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:e:913c:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2a325514ec1b411ca77edc7187cf7fd53ae4fcfcbca9b9f8ceba820c8973907

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 21:02:27 GMT
content-encoding: br
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 21:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 68894
etag: W/"cfcc1013bad88f282ae3916735077358"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: IUBIsG0ZDmPC5VNZDjj8BqBFGr7c35MCwdr5JzPbC8AUlAUJTfGL7A==

GET
H2 200 og.js Show response
www.myofficeguy.com/scripts/ Frame BC91 621 KB
115 KB 26ms
26ms Script
text/javascript 2600:9000:214f:e200:e:913c:1540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.myofficeguy.com/scripts/og.js?63809765566
Requested by: Host: www.myofficeguy.com
URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:e:913c:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7ee237f5373d03f53cfe9b77a91a7283a3eb38c709f7373cc23bf5f95a13ea7e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 05:20:17 GMT
content-encoding: br
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 21:00:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 39024
etag: W/"0c156136018e1ecafc915c5799203a88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000,public
x-amz-cf-id: JBQBRbUF6tZ6xCFokErI1WlS17gzBis1FahPjiOga0liu6SA9wnk4A==

GET
H2 200 /
www.myofficeguy.com/crm/downloadfile/cb8b0489-d3dd-40a3-a1e3-6847274d4a39/ Frame BC91 4 KB
4 KB 115ms
115ms Image
image/png 2600:9000:214f:e200:e:913c:1540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.myofficeguy.com/crm/downloadfile/cb8b0489-d3dd-40a3-a1e3-6847274d4a39/?width=250&height=90

Requested by

Host: www.myofficeguy.com
URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:e200:e:913c:1540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

c1745f5af84fb6ccbd873d823680e81bbda54a08dc834de655e632bd710479e4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 16:10:40 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public,max-age=3600
x-amz-cf-id: uzTrppU-tMsL4pHtCZSkmvTqW6khmqrRdy0iBDA2YTULUGKMNg4C-Q==

GET
H2 200 logo_dark.png
www.myofficeguy.com/content/images/ Frame BC91 4 KB
4 KB 10ms
10ms Image
image/png 2600:9000:214f:e200:e:913c:1540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.myofficeguy.com/content/images/logo_dark.png
Requested by: Host: www.myofficeguy.com
URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e200:e:913c:1540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e0c8fb4ae76e45b5aa8b388dfa41d31fffad309e7e9aa27e4710441d0002ced5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Sun, 15 Jan 2023 04:50:15 GMT
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jan 2023 10:55:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 472826
etag: "678b9823c886237df143c20b377926e4"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000,public
accept-ranges: bytes
content-length: 4024
x-amz-cf-id: lbDR8ukCU6GlI_CNrCr-9VhgT_9RkGH2bvezu99kx3i4BSqC1SCBQg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame BC91 159 KB
56 KB 137ms
52ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WGPN5N

Requested by

Host: www.myofficeguy.com
URL: https://www.myofficeguy.com/p/7kl4r/7kvb6/7kl4z/payment/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd132358e5197cf4afc371786d28ba505704e7e2e2212c5b7dcbeb1ec92e4be0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.myofficeguy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Fri, 20 Jan 2023 16:10:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56363
x-xss-protection: 0
last-modified: Fri, 20 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Jan 2023 16:10:40 GMT

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bankayma.org
www.googletagmanager.com
www.myofficeguy.com
www.paypalobjects.com
151.101.194.133
2600:9000:214f:e200:e:913c:1540:93a1
2a00:1450:4001:828::2008
2a01:7e01::f03c:92ff:fe72:776e
0c1ce4dd3afaa97d8627ecebc2e255fe5c1b3c2038f6961a86d10f0381056cc7
1c836abeef5e94d648156e38337f6c763c6f8d8cedb38d5d416939bc8365ae81
34a27faffa4e617a664611845efb5c4ba317c1714954511bb34d51822799b780
388de8dd4383cd9e3ac1806712ba6246add72eaa79137ae9f8ed7d5021630395
6af663f298d0cbde6653dd4e0cb4850191b21e82efc571efcaf70765792ef6d8
7ee237f5373d03f53cfe9b77a91a7283a3eb38c709f7373cc23bf5f95a13ea7e
88193fd97975f9ddc4b9cb9c97da71f724c73e7026da9558a276141123d1c53a
930e0b448ba3e7182672a083591e9e1f7e6e1c06245159262332b2a3e6f70ee0
a2a325514ec1b411ca77edc7187cf7fd53ae4fcfcbca9b9f8ceba820c8973907
c1745f5af84fb6ccbd873d823680e81bbda54a08dc834de655e632bd710479e4
d3cd5156d5169c78a220376f2219d21246d12815fffc4da6267944529fa6f817
e0c8fb4ae76e45b5aa8b388dfa41d31fffad309e7e9aa27e4710441d0002ced5
e1498e53508ecda4762e576b30bf1ec5db38a3e3838b06310ee98c55668a98b9
fd132358e5197cf4afc371786d28ba505704e7e2e2212c5b7dcbeb1ec92e4be0

bankayma.org Open in urlscan Pro 2a01:7e01::f03c:92ff:fe72:776e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

519 kBTransfer

1539 kBSize

0 Cookies

5 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

bankayma.org Open in urlscan Pro
2a01:7e01::f03c:92ff:fe72:776e Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

519 kB
Transfer

1539 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions