URL: https://st.tasfia.ma/storage/
Submission: On October 17 via manual from AE — Scanned from FR

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 21 HTTP transactions. The main IP is 109.234.161.41, located in France and belongs to O2SWITCH, FR. The main domain is st.tasfia.ma.
TLS certificate: Issued by R3 on September 5th 2022. Valid for: 3 months.
This is the only time st.tasfia.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 109.234.161.41 | 50474 (O2SWITCH)
17 | 205.255.47.100 | 19905 (ULTRADDOS)
1 | 2a03:2880:f02... | 32934 (FACEBOOK)
3 (1 redirects) | 18.156.98.77 | 16509 (AMAZON-02)
Total: 21 requests, 4 IPs
Requests | Apex Domain | Subdomains | Transfer
17 | regions.com | www.regions.com (Cisco Umbrella Rank: 77966) | 89 KB
3 | webtrendslive.com | statse.webtrendslive.com (Cisco Umbrella Rank: 14951) | 1 KB
1 | atdmt.com | switch.atdmt.com (Cisco Umbrella Rank: 439332) | 807 B
1 | tasfia.ma | st.tasfia.ma | 7 KB
Total: 21 requests, 4 domains
Requests | Domain | Requested by
17 | www.regions.com | st.tasfia.ma, www.regions.com
3 (1 redirects) | statse.webtrendslive.com | www.regions.com, st.tasfia.ma
1 | switch.atdmt.com | st.tasfia.ma
1 | st.tasfia.ma |
Total: 21 requests, 4 domains
Subject | Issuer | Validity | Valid
st.tasfia.ma | R3 | 2022-09-05 - 2022-12-04 | 3 months
www.regions.com | Sectigo RSA Extended Validation Secure Server CA | 2022-01-18 - 2023-01-18 | a year
*.atlassolutions.com | DigiCert SHA2 High Assurance Server CA | 2022-07-26 - 2022-10-24 | 3 months
statse.webtrendslive.com | Entrust Certification Authority - L1K | 2022-09-12 - 2023-10-09 | a year

This page contains 1 frames:

Primary Page: https://st.tasfia.ma/storage/
Frame ID: 705E1BC7223354613E3C1CBDF8F76144
Requests: 21 HTTP requests in this frame

Page Title

Region Online Banking

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE

Page Statistics

Requests: 21
HTTPS: 95 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 97 kB
Size: 168 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?&dcsdat=1665989001523&dcssip=st.tasfia.ma&dcsuri=/storage/&WT.co_f=21423ee7aeb4777aee01665967401524&WT.vt_sid=21423ee7aeb4777aee01665967401524.1665989001524&WT.vt_f_tlv=0&WT.tz=0&WT.bh=6&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Region%20Online%20Banking&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fi=No&WT.tv=8.0.3&WT.sp=@@SPLITVALUE@@&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1 HTTP 303
  • https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1665989001523&dcssip=st.tasfia.ma&dcsuri=/storage/&WT.co_f=21423ee7aeb4777aee01665967401524&WT.vt_sid=21423ee7aeb4777aee01665967401524.1665989001524&WT.vt_f_tlv=0&WT.tz=0&WT.bh=6&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Region%20Online%20Banking&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fi=No&WT.tv=8.0.3&WT.sp=@@SPLITVALUE@@&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
st.tasfia.ma/storage/
25 KB
7 KB
Document
General
Full URL
https://st.tasfia.ma/storage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
109.234.161.41 , France, ASN50474 (O2SWITCH, FR),
Reverse DNS
klon.o2switch.net
Software
o2switch-PowerBoost-v3 /
Resource Hash
da843cc66a92f1b11f6fa3ae39e8c98f7356a37e0cadc46711668cea8ed566f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Mon, 17 Oct 2022 06:43:06 GMT
last-modified
Mon, 17 Oct 2022 01:44:10 GMT
server
o2switch-PowerBoost-v3
vary
Accept-Encoding
screen.css
www.regions.com/App_Themes/Default/
16 KB
4 KB
Stylesheet
General
Full URL
https://www.regions.com/App_Themes/Default/screen.css
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
dcfb923e577a9ae4a348dd754ace2ac97f59b8152959e9eb048021cc05540ab7
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Cteonnt-Length
16717
Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000
Last-Modified
Wed, 07 Apr 2010 18:14:28 GMT
Server
nginx
Age
1
ETag
"09a43297ed6ca1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3633
loadMedia.js
www.regions.com/js/
51 KB
13 KB
Script
General
Full URL
https://www.regions.com/js/loadMedia.js
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
f117e245d635cef71e90485081e772b945d59436583ae48d5fb44807366ce03b
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Cteonnt-Length
52127
Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Content-Encoding
gzip
Strict-Transport-Security
max-age=157680000
Last-Modified
Mon, 30 Jan 2017 20:17:05 GMT
Server
nginx
Age
1
ETag
"8036f6d2357bd21:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
private
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
13123
logoRegions_213x45.gif
www.regions.com/img/
7 KB
7 KB
Image
General
Full URL
https://www.regions.com/img/logoRegions_213x45.gif
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
3a7675cadcc76012c2f731ec7229df7053e77b6e2dd25bd130db3ea40a942c85
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 26 May 2009 17:12:46 GMT
Server
nginx
Age
1
ETag
"03b2a3025dec91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6788
btnDownArrow.gif
www.regions.com/img/
542 B
886 B
Image
General
Full URL
https://www.regions.com/img/btnDownArrow.gif
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
9c66d8003f7879d187abd1995433d6cf28e89fbdc61cd525f9875319bd60cdfc
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Mon, 30 Sep 2013 21:19:37 GMT
Server
nginx
Age
1
ETag
"807a30c422bece1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
542
btnRightArrow.gif
www.regions.com/img/
388 B
717 B
Image
General
Full URL
https://www.regions.com/img/btnRightArrow.gif
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
/
Resource Hash
afa88285c1d088ecc85d2652b169d63fc856d8c73fa07e5eddba9854d0e5824c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Mon, 30 Sep 2013 21:19:37 GMT
Age
1
ETag
"807a30c422bece1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
388
left.gif
www.regions.com/img/
43 B
370 B
Image
General
Full URL
https://www.regions.com/img/left.gif
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Thu, 02 Oct 2008 15:28:14 GMT
Age
1
ETag
"0fb457ca324c91:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
43
wtbase.js
www.regions.com/js/
13 KB
5 KB
Script
General
Full URL
https://www.regions.com/js/wtbase.js
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
a8f8dd5e3f950efb979b95f74e9a174967c5b1e8b9207c1b48cfc84793739b22
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Cteonnt-Length
13718
Date
Mon, 17 Oct 2022 06:43:21 GMT
Strict-Transport-Security
max-age=157680000
Content-Encoding
gzip
Last-Modified
Mon, 30 Sep 2013 21:19:38 GMT
Server
nginx
ETag
"011c9c422bece1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
private
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4442
msrreg_HomePage_1
switch.atdmt.com/action/
43 B
807 B
Image
General
Full URL
https://switch.atdmt.com/action/msrreg_HomePage_1
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:5:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
br
x-content-type-options
nosniff
date
Mon, 17 Oct 2022 06:43:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
x-fb-rlafr
0
x-xss-protection
0
pragma
no-cache
x-fb-debug
XiCVKle8eXlcZujJUP26GfNc0DdUMpYEWr8eupeWfmKGv/DCNfzYoj/WGPzs6Ip30p5/QbEDi0uqwPjP0ZlZ3A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
arrowOrange.gif
www.regions.com/App_Themes/Default/img/
60 B
399 B
Image
General
Full URL
https://www.regions.com/App_Themes/Default/img/arrowOrange.gif
Requested by
Host: www.regions.com
URL: https://www.regions.com/App_Themes/Default/screen.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
8c6e5de4057a4f8334cd7d4b5c915483a50c9e62c14df277e1b77542000711ee
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regions.com/App_Themes/Default/screen.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 28 Sep 2007 02:41:00 GMT
Server
nginx
Age
1
ETag
"08671791c81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
60
img2085.jpg
www.regions.com/virtualMedia/
32 KB
32 KB
Image
General
Full URL
https://www.regions.com/virtualMedia/img2085.jpg
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
e377a5cb6bea155393129aa2266f1c2f5e6a9d675a70b80a2a83becc2a587838
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 02 Feb 2010 21:53:14 GMT
Server
nginx
Age
1
ETag
"041881e52a4ca1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
32500
img1600.gif
www.regions.com/virtualMedia/
2 KB
2 KB
Image
General
Full URL
https://www.regions.com/virtualMedia/img1600.gif
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
7263728f9f0bc03c96fc1e979e7fb79270a57828e1a610e1050e57051dd61835
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Sun, 26 Jul 2009 06:11:09 GMT
Server
nginx
Age
1
ETag
"90c369deb7dca1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
2036
arrowGray_Small.gif
www.regions.com/App_Themes/Default/img/
68 B
410 B
Image
General
Full URL
https://www.regions.com/App_Themes/Default/img/arrowGray_Small.gif
Requested by
Host: www.regions.com
URL: https://www.regions.com/App_Themes/Default/screen.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
59cb0f1b531b50ca8a034e3ac7042489e105e7474cc21fcb83eaf1b4df02c5de
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regions.com/App_Themes/Default/screen.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Mon, 30 Sep 2013 21:19:36 GMT
Server
nginx
Age
1
ETag
"0e497c322bece1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
68
img2094.gif
www.regions.com/virtualMedia/
5 KB
5 KB
Image
General
Full URL
https://www.regions.com/virtualMedia/img2094.gif
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
5960b4df0cd487630ff0312d64531747196d69939d50dd37cb50823ed5c38ee5
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Mon, 08 Feb 2010 19:49:04 GMT
Server
nginx
Age
1
ETag
"d0b782c4f7a8ca1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
5265
img2044.jpg
www.regions.com/virtualMedia/
6 KB
6 KB
Image
General
Full URL
https://www.regions.com/virtualMedia/img2044.jpg
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
4d542af52c4bea4a5e1f2ff11b7c883bbaadfd0c9ff8cf244c7a9ad2f2806b7f
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Tue, 19 Jan 2010 16:10:36 GMT
Server
nginx
Age
1
ETag
"606875ef2199ca1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6075
img1599.gif
www.regions.com/virtualMedia/
5 KB
5 KB
Image
General
Full URL
https://www.regions.com/virtualMedia/img1599.gif
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
3e35cf0c9bcc0bf36d9f19ce6e4b2b63f60f95b7b9301ea5a769d9cee8f5b662
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Sun, 26 Jul 2009 05:25:53 GMT
Server
nginx
Age
1
ETag
"f0c4c8bb1dca1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4933
img482.jpg
www.regions.com/virtualMedia/
5 KB
5 KB
Image
General
Full URL
https://www.regions.com/virtualMedia/img482.jpg
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
082e383f20a9f37a71803e216a62f1cd998da87c0eadcf2fa331c0b0e661b61c
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Wed, 26 Sep 2007 05:35:18 GMT
Server
nginx
Age
1
ETag
"10151b6ffffc71:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4923
wtid.js
statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/
68 B
147 B
Script
General
Full URL
https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/wtid.js
Requested by
Host: www.regions.com
URL: https://www.regions.com/js/wtbase.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.156.98.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-98-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
ff16c2591a8b0c2eb6e9fd3321dedd5dcc500744cc50f4372e421563391e3bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://st.tasfia.ma/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

expires
-1
pragma
no-cache
strict-transport-security
max-age=31536000
cache-control
no-cache
date
Mon, 17 Oct 2022 06:43:21 GMT
content-length
68
content-type
application/x-javascript
dcs.gif
statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/
Redirect Chain
  • https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?&dcsdat=1665989001523&dcssip=st.tasfia.ma&dcsuri=/storage/&WT.co_f=21423ee7aeb4777aee01665967401524&WT.vt_sid=21423ee7aeb4777...
  • https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1665989001523&dcssip=st.tasfia.ma&dcsuri=/storage/&WT.co_f=21423ee7aeb4777aee0166596...
67 B
274 B
Image
General
Full URL
https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1665989001523&dcssip=st.tasfia.ma&dcsuri=/storage/&WT.co_f=21423ee7aeb4777aee01665967401524&WT.vt_sid=21423ee7aeb4777aee01665967401524.1665989001524&WT.vt_f_tlv=0&WT.tz=0&WT.bh=6&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Region%20Online%20Banking&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fi=No&WT.tv=8.0.3&WT.sp=@@SPLITVALUE@@&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1
Requested by
Host: st.tasfia.ma
URL: https://st.tasfia.ma/storage/
Protocol
H2
Server
18.156.98.77 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-98-77.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://st.tasfia.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 06:43:21 GMT
content-type
image/gif
p3p
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
cache-control
no-cache
content-length
67
expires
-1

Redirect headers

location
/dcs4b71fc10000gs8u88h5t1k_6n2i/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1665989001523&dcssip=st.tasfia.ma&dcsuri=/storage/&WT.co_f=21423ee7aeb4777aee01665967401524&WT.vt_sid=21423ee7aeb4777aee01665967401524.1665989001524&WT.vt_f_tlv=0&WT.tz=0&WT.bh=6&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.ti=Region%20Online%20Banking&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fi=No&WT.tv=8.0.3&WT.sp=@@SPLITVALUE@@&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1
strict-transport-security
max-age=31536000
date
Mon, 17 Oct 2022 06:43:21 GMT
content-length
0
p3p
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
bgDot.gif
www.regions.com/App_Themes/Default/img/
46 B
388 B
Image
General
Full URL
https://www.regions.com/App_Themes/Default/img/bgDot.gif
Requested by
Host: www.regions.com
URL: https://www.regions.com/App_Themes/Default/screen.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
nginx /
Resource Hash
51bd8777217c9c4de83e0810a6a6ee246be0bf7d18e0ee51f4089d3ec6930f79
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regions.com/App_Themes/Default/screen.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Mon, 30 Sep 2013 21:19:36 GMT
Server
nginx
Age
1
ETag
"0e497c322bece1:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
46
logoEqualHousingLender.gif
www.regions.com/App_Themes/Default/img/
252 B
577 B
Image
General
Full URL
https://www.regions.com/App_Themes/Default/img/logoEqualHousingLender.gif
Requested by
Host: www.regions.com
URL: https://www.regions.com/App_Themes/Default/screen.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
205.255.47.100 , United States, ASN19905 (ULTRADDOS, US),
Reverse DNS
www.regions.com
Software
/
Resource Hash
5441ef224dcef0ef36598bdead8e3fcf85ef096b7d741b1352bcb2704b4dfe5d
Security Headers
Name Value
Strict-Transport-Security max-age=157680000
X-Frame-Options SAMEORIGIN

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.regions.com/App_Themes/Default/screen.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Mon, 17 Oct 2022 06:43:21 GMT
Via
NS-CACHE:
Strict-Transport-Security
max-age=157680000
Last-Modified
Fri, 28 Sep 2007 02:41:00 GMT
Age
1
ETag
"08671791c81:0"
X-Frame-Options
SAMEORIGIN
Content-Type
image/gif
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
252

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| agt number| is_major number| is_minor boolean| is_nav boolean| is_nav2 boolean| is_nav3 boolean| is_nav4 boolean| is_nav4up boolean| is_navonly boolean| is_nav6 boolean| is_nav6up boolean| is_gecko boolean| is_firefox boolean| is_firefox0 boolean| is_firefox1 boolean| is_firefox2 boolean| is_ie boolean| is_ie3 boolean| is_ie4 boolean| is_ie4up boolean| is_ie5 boolean| is_ie5_5 boolean| is_ie5up boolean| is_ie5down boolean| is_ie5_5up boolean| is_ie6 boolean| is_ie6up boolean| is_aol boolean| is_aol3 boolean| is_aol4 boolean| is_aol5 boolean| is_aol6 boolean| is_opera boolean| is_opera2 boolean| is_opera3 boolean| is_opera4 boolean| is_opera5 boolean| is_opera5up boolean| is_webtv boolean| is_TVNavigator boolean| is_AOLTV boolean| is_hotjava boolean| is_hotjava3 boolean| is_hotjava3up function| init function| createCookie function| readCookie function| eraseCookie function| showhideOS function| searchCK function| branchCK function| rateCK function| loadMedia function| loadMediaImg function| loadMediaImg_wHRef function| loadContentMedia function| disclosure function| getCookie function| setCookie function| rememberForm object| OnlineOpinion function| unescapeHTML object| oOobj2 function| jsCheck function| GWLSubmit function| rateSubmit function| branchSubmit function| googleSubmit function| qs object| f1 function| loginCK function| loginSubmit string| objText string| browsername string| title function| DcsInit boolean| gService number| gTimeZone function| dcsCookie function| dcsGetCookie function| dcsGetCrumb function| dcsGetIdCrumb function| dcsIsFpcSet function| dcsFPC string| gFpc boolean| gConvert function| dcsAdv string| gDomain string| gDcsId object| gImages number| gIndex object| DCS object| WT object| DCSext object| gQP boolean| gI18n object| RE 
undefined| EXRE function| dcsMultiTrack function| dcsVar function| dcsA function| dcsEscape function| dcsEncode function| dcsCreateImage function| dcsMeta function| dcsTag function| dcsJV function| dcsFunc string| gTempWtId

2 Cookies

Domain/Path Name / Value
st.tasfia.ma/ Name: WT_FPC
Value: id=21423ee7aeb4777aee01665967401524:lv=1665967401524:ss=1665967401524
statse.webtrendslive.com/ Name: ACOOKIE
Value: C8ctADM2ZmQ4OGMxLWUzNjAtNDQxYy1iMjhmLTRhYTNiYWZkNTBmOAAAAAABAAAADroAAIn5TGOJ+UxjAQAAAEkfAACJ+UxjiflMYwAAAAA-

2 Console Messages

Source Level URL
Text
javascript warning URL: https://www.regions.com/js/wtbase.js(Line 197)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/wtid.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.regions.com/js/wtbase.js(Line 197)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://statse.webtrendslive.com/dcs4b71fc10000gs8u88h5t1k_6n2i/wtid.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
