Submitted URL: https://pay.fellahi.ma/
Effective URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Submission: On March 01 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 194.204.226.184, located in Morocco and belongs to IAM-AS, MA. The main domain is testpayment.cmi.co.ma.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on April 20th 2020. Valid for: 2 years.
This is the only time testpayment.cmi.co.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 95.168.187.200 205544 (LEASEWEB-...)
12 194.204.226.184 6713 (IAM-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
16 4
Domain Requested by
12 testpayment.cmi.co.ma testpayment.cmi.co.ma
2 pay.fellahi.ma
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com testpayment.cmi.co.ma
16 4
Subject Issuer Validity Valid
pay.fellahi.ma
R3
2021-03-01 -
2021-05-30
3 months crt.sh
*.cmi.co.ma
DigiCert SHA2 Secure Server CA
2020-04-20 -
2022-04-25
2 years crt.sh
upload.video.google.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-01-26 -
2021-04-20
3 months crt.sh

This page contains 1 frames:

Primary Page: https://testpayment.cmi.co.ma/fim/est3Dgate
Frame ID: 194FB40A8FE1FF8AA98DCB2C4BBEA662
Requests: 16 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://pay.fellahi.ma/ Page URL
  2. https://pay.fellahi.ma/SendData.php Page URL
  3. https://testpayment.cmi.co.ma/fim/est3Dgate Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

16
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

494 kB
Transfer

493 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pay.fellahi.ma/ Page URL
  2. https://pay.fellahi.ma/SendData.php Page URL
  3. https://testpayment.cmi.co.ma/fim/est3Dgate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
pay.fellahi.ma/
2 KB
1014 B
Document
General
Full URL
https://pay.fellahi.ma/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.168.187.200 London, United Kingdom, ASN205544 (LEASEWEB-UK-LON-11, GB),
Reverse DNS
srvcl.crypracks.com
Software
nginx /
Resource Hash
f3f88739fd55a1b1389e65eb47b8d6449fecd682b4d5e95cb42b972fa0cf6ecd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pay.fellahi.ma
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Mon, 01 Mar 2021 13:04:53 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-nginx-upstream-cache-status
EXPIRED
x-server-powered-by
Engintron
content-encoding
gzip
SendData.php
pay.fellahi.ma/
2 KB
1004 B
Document
General
Full URL
https://pay.fellahi.ma/SendData.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.168.187.200 London, United Kingdom, ASN205544 (LEASEWEB-UK-LON-11, GB),
Reverse DNS
srvcl.crypracks.com
Software
nginx /
Resource Hash
7150a5ac9f91123e5033a31db81807ad4e22e471e33ac68033fe83e9a39e283a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
POST
:authority
pay.fellahi.ma
:scheme
https
:path
/SendData.php
content-length
585
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://pay.fellahi.ma
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://pay.fellahi.ma/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
Origin
https://pay.fellahi.ma
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pay.fellahi.ma/

Response headers

server
nginx
date
Mon, 01 Mar 2021 13:04:53 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-server-powered-by
Engintron
content-encoding
gzip
Primary Request Cookie set est3Dgate
testpayment.cmi.co.ma/fim/
36 KB
37 KB
Document
General
Full URL
https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
a1b051aff992f38d679ca26f4a4a1038f37480455ab999f58673e30f8cf6eb9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
testpayment.cmi.co.ma
Connection
keep-alive
Content-Length
689
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
https://pay.fellahi.ma
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://pay.fellahi.ma/SendData.php
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
Origin
https://pay.fellahi.ma
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://pay.fellahi.ma/SendData.php

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Server
Apache-Coyote/1.1
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/html;charset=UTF-8
Set-Cookie
JSESSIONID=9C76A04B5DAEFD9F12567403C3BEA708; Path=/fim/; Secure; HttpOnly
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
bootstrap.css
testpayment.cmi.co.ma/fim/resource2/css/
138 KB
139 KB
Stylesheet
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/css/bootstrap.css
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
a99d25bfc13dfa8b6749df087f799555757ce28d9ef410569e15cef9059ac5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"141732-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
141732
font-awesome.css
testpayment.cmi.co.ma/fim/resource2/css/
28 KB
28 KB
Stylesheet
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/css/font-awesome.css
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"28747-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
28747
style.css
testpayment.cmi.co.ma/fim/resource2/css/
7 KB
7 KB
Stylesheet
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/css/style.css
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
d4d72ce6fdd8f17e5d45841cab12d3cd966e079dc6ea77a1beac07e08a41a5ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"6823-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
6823
jquery-1.10.2.min.js
testpayment.cmi.co.ma/fim/resource2/js/
91 KB
91 KB
Script
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/js/jquery-1.10.2.min.js
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"93107-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
93107
ajax.js
testpayment.cmi.co.ma/fim/resource2/js/
11 KB
11 KB
Script
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/js/ajax.js
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
e3d3f20b038393d7f1f3966720c1195aa4c5ca860cb763ae98ef1db79450edb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"11195-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11195
merchantLogo.png
testpayment.cmi.co.ma/fim/
18 KB
19 KB
Image
General
Full URL
https://testpayment.cmi.co.ma/fim/merchantLogo.png?dimUid=600002273
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
c96106836e1f51a6df0b7aa4db38eb75e35cf1ed892a50a75aef4d96dec77854
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Server
Apache-Coyote/1.1
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Transfer-Encoding
chunked
Content-Type
image/png
cartes-min.png
testpayment.cmi.co.ma/fim/resource2/img/
26 KB
26 KB
Image
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/img/cartes-min.png
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
e62eb2a29f2989b9816c4300405fbe6a2227dff11c2dba17ab0b4d619fbe4541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"26553-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26553
loading.gif
testpayment.cmi.co.ma/fim/resource2/img/
54 KB
54 KB
Image
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/img/loading.gif
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
86fd602c2e7b734a2d72522e22fa99ebf99b868c12822c4f0c19e22b86cd288a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"55429-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
55429
logo_cmi.gif
testpayment.cmi.co.ma/fim/resource2/img/
4 KB
4 KB
Image
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/img/logo_cmi.gif
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
27803a6c024ce96b7fca4efb59e8e1957db81f6405091ed7624278bdb10454d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"4042-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4042
illu-secure-min.png
testpayment.cmi.co.ma/fim/resource2/img/
3 KB
3 KB
Image
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/img/illu-secure-min.png
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
f1c46075a2f2e4829e728dfbe4a1e36a3db29353c6159291f27145499784d7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"3110-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3110
bootstrap.js
testpayment.cmi.co.ma/fim/resource2/js/
59 KB
60 KB
Script
General
Full URL
https://testpayment.cmi.co.ma/fim/resource2/js/bootstrap.js
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
194.204.226.184 , Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
Apache-Coyote/1.1 /
Resource Hash
7970f31907d91bf0f19efe8aefee74d6f0a2d8c72b2f8f20a5e297d3c414a78f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://testpayment.cmi.co.ma/fim/est3Dgate
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 01 Mar 2021 13:04:55 GMT
Last-Modified
Thu, 17 Dec 2020 10:56:32 GMT
Server
Apache-Coyote/1.1
ETag
W/"60681-1608202592000"
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
60681
css
fonts.googleapis.com/
2 KB
978 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/resource2/css/style.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://testpayment.cmi.co.ma/fim/resource2/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 12:50:47 GMT
server
ESF
date
Mon, 01 Mar 2021 13:04:55 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Mar 2021 13:04:55 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://testpayment.cmi.co.ma
Referer
https://fonts.googleapis.com/css?family=Roboto
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
290356
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:39 GMT

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| getXMLHttpRequest function| validateCardBrand function| getInstalmentTable function| getInstalmentTableIfParamNotSent function| getInstalmentReadyStateHandler function| getInstalmentReadyStateHandlerIfParamNotSent function| clearInstalment function| addElement function| validateCard function| validateCard_adr function| getReadyStateHandler function| allsame function| submitform function| executer1 function| popup2 function| AppendChild function| validatePORequest function| getParameterByName object| jQuery110203589035731764332 string| url function| isChecked object| amountCur object| symbolCur object| currenciesList

1 Cookies

Domain/Path Name / Value
testpayment.cmi.co.ma/fim/ Name: JSESSIONID
Value: 9C76A04B5DAEFD9F12567403C3BEA708

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block