urlscan.io logo urlscan.io
SecurityTrails logo

testpayment.cmi.co.ma Open in urlscan Pro
194.204.226.184  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://testcmi.alyf.ai/
Effective URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Submission: On October 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 19 HTTP transactions. The main IP is 194.204.226.184, located in Rabat, Morocco and belongs to IAM-AS, MA. The main domain is testpayment.cmi.co.ma.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 8th 2024. Valid for: a year.
This is the only time testpayment.cmi.co.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 209.38.178.90 14061 (DIGITALOC...)
1 104.18.10.207 13335 (CLOUDFLAR...)
1 104.17.24.14 13335 (CLOUDFLAR...)
13 194.204.226.184 6713 (IAM-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.67 15169 (GOOGLE)
19 6
2    209.38.178.90 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
testcmi.alyf.ai
1    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
13    194.204.226.184 (Rabat, Morocco)

ASN6713 (IAM-AS, MA)
PTR: ll194-184-226-204-194.ll194.iam.net.ma
testpayment.cmi.co.ma
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
13 cmi.co.ma
testpayment.cmi.co.ma
466 KB
2 alyf.ai
testcmi.alyf.ai
6 KB
1 gstatic.com
fonts.gstatic.com
18 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1001 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
14 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1352
29 KB
19 6
Domain Requested by
13 testpayment.cmi.co.ma testpayment.cmi.co.ma
2 testcmi.alyf.ai
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com testpayment.cmi.co.ma
1 cdnjs.cloudflare.com testcmi.alyf.ai
1 maxcdn.bootstrapcdn.com testcmi.alyf.ai
19 6
Subject Issuer Validity Valid
admin.alyf.ai
R11		 2024-09-30 -
2024-12-29		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
*.cmi.co.ma
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-04-08 -
2025-05-09		 a year crt.sh
upload.video.google.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-16 -
2024-12-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://testpayment.cmi.co.ma/fim/est3Dgate
Frame ID: 5BADA111EE888FA31048C6F8D502800D
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Payment request

Page URL History Show full URLs

  1. https://testcmi.alyf.ai/ Page URL
  2. https://testpayment.cmi.co.ma/fim/est3Dgate Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

4
Countries

535 kB
Transfer

689 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://testcmi.alyf.ai/ Page URL
  2. https://testpayment.cmi.co.ma/fim/est3Dgate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
testcmi.alyf.ai/ 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://testcmi.alyf.ai/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.38.178.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
69f878c65eeaea2402cc5516e270f115b6248970c5ddcb5546f4f07acded440d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
accept, authorization, content-type, x-requested-with, x-request-id, x-timestamp, x-device-id, x-hmac-signature
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
accept, authorization, content-type, x-requested-with, x-request-id, x-timestamp, x-device-id, x-hmac-signature
access-control-max-age
1728000
content-length
4949
content-type
text/html
date
Tue, 01 Oct 2024 14:25:42 GMT
etag
"66f4eb95-1355"
last-modified
Thu, 26 Sep 2024 05:05:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/ 		157 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css
Requested by
Host: testcmi.alyf.ai
URL: https://testcmi.alyf.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testcmi.alyf.ai/

Response headers

cdn-status
200
content-encoding
gzip
cf-cache-status
HIT
etag
W/"816af0eddd3b4822c2756227c7e7b7ee"
age
13214353
x-content-type-options
nosniff
date
Tue, 01 Oct 2024 14:25:42 GMT
last-modified
Mon, 25 Jan 2021 22:04:11 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
07/07/2023 01:23:40
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
1281bd6f26fb41ac529db3e4a0a09a30
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.03
cf-ray
8cbd1fa27962ca33-HAM
access-control-allow-origin
*
cdn-edgestorageid
1055
server
cloudflare
cdn-requestcountrycode
DE
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 		47 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js
Requested by
Host: testcmi.alyf.ai
URL: https://testcmi.alyf.ai/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testcmi.alyf.ai/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"61182885-3694"
age
986547
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8mFeRHyUM7NyxvBImMh%2FRnbNVw3Xq4sCGhsfeLtOZaaFpQLTjqI1jKvOa8RzN%2Bv4mHZbeZshOcqMHzIorPCNByVeLd%2B6dg%2B7pVZpHXQM0P%2Bi0wqcrGmpAKqymKlzoSed3t8vCyim"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 21 Sep 2025 14:25:42 GMT
date
Tue, 01 Oct 2024 14:25:42 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 14 Aug 2021 20:33:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8cbd1fa26a84d2a5-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13972
server
cloudflare
Primary Request est3Dgate
testpayment.cmi.co.ma/fim/ 		35 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
c406f865344457c1f7806a452b8df2c144edfe6a4799ebe1c2cde98f51ef03ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://testcmi.alyf.ai
Referer
https://testcmi.alyf.ai/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Type
text/html;charset=UTF-8
Date
Tue, 01 Oct 2024 14:25:45 GMT
Keep-Alive
timeout=5, max=100
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
favicon.ico
testcmi.alyf.ai/ 		555 B
1006 B 		Other
General
Check archive.org
Download Go to
Full URL
https://testcmi.alyf.ai/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
209.38.178.90 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testcmi.alyf.ai/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
1728000
access-control-expose-headers
accept, authorization, content-type, x-requested-with, x-request-id, x-timestamp, x-device-id, x-hmac-signature
access-control-allow-credentials
true
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin
*
content-length
555
date
Tue, 01 Oct 2024 14:25:42 GMT
content-type
text/html
access-control-allow-headers
accept, authorization, content-type, x-requested-with, x-request-id, x-timestamp, x-device-id, x-hmac-signature
bootstrap.css
testpayment.cmi.co.ma/fim/resource2/css/ 		138 KB
139 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://testpayment.cmi.co.ma/fim/resource2/css/bootstrap.css
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
a99d25bfc13dfa8b6749df087f799555757ce28d9ef410569e15cef9059ac5bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"141732-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
141732
Keep-Alive
timeout=5, max=99
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
text/css
font-awesome.css
testpayment.cmi.co.ma/fim/resource2/css/ 		28 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://testpayment.cmi.co.ma/fim/resource2/css/font-awesome.css
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"28747-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
28747
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
text/css
style.css
testpayment.cmi.co.ma/fim/resource2/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://testpayment.cmi.co.ma/fim/resource2/css/style.css
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
d4d72ce6fdd8f17e5d45841cab12d3cd966e079dc6ea77a1beac07e08a41a5ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"6823-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
6823
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
text/css
jquery-1.10.2.min.js
testpayment.cmi.co.ma/fim/resource2/js/ 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://testpayment.cmi.co.ma/fim/resource2/js/jquery-1.10.2.min.js
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"93107-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
93107
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
application/javascript
ajax.js
testpayment.cmi.co.ma/fim/resource2/js/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://testpayment.cmi.co.ma/fim/resource2/js/ajax.js
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
e3d3f20b038393d7f1f3966720c1195aa4c5ca860cb763ae98ef1db79450edb5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"11195-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11195
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
application/javascript
merchantLogo.png
testpayment.cmi.co.ma/fim/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://testpayment.cmi.co.ma/fim/merchantLogo.png?dimUid=600004358
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
c96106836e1f51a6df0b7aa4db38eb75e35cf1ed892a50a75aef4d96dec77854
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=100
Date
Tue, 01 Oct 2024 14:25:45 GMT
Content-Type
image/png
Connection
Keep-Alive
cartes-min.png
testpayment.cmi.co.ma/fim/resource2/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://testpayment.cmi.co.ma/fim/resource2/img/cartes-min.png
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
6a83106cc100949b0343b956e5a020a206800eac015814dee11a0a86e5bdfed9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"11122-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11122
Keep-Alive
timeout=5, max=99
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
image/png
loading.gif
testpayment.cmi.co.ma/fim/resource2/img/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://testpayment.cmi.co.ma/fim/resource2/img/loading.gif
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
86fd602c2e7b734a2d72522e22fa99ebf99b868c12822c4f0c19e22b86cd288a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"55429-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
55429
Keep-Alive
timeout=5, max=98
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
image/gif
logo_cmi.gif
testpayment.cmi.co.ma/fim/resource2/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://testpayment.cmi.co.ma/fim/resource2/img/logo_cmi.gif
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
27803a6c024ce96b7fca4efb59e8e1957db81f6405091ed7624278bdb10454d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"4042-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
4042
Keep-Alive
timeout=5, max=99
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
image/gif
illu-secure-min.png
testpayment.cmi.co.ma/fim/resource2/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://testpayment.cmi.co.ma/fim/resource2/img/illu-secure-min.png
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
f1c46075a2f2e4829e728dfbe4a1e36a3db29353c6159291f27145499784d7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"3110-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3110
Keep-Alive
timeout=5, max=98
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
image/png
bootstrap.js
testpayment.cmi.co.ma/fim/resource2/js/ 		59 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://testpayment.cmi.co.ma/fim/resource2/js/bootstrap.js
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/est3Dgate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
7970f31907d91bf0f19efe8aefee74d6f0a2d8c72b2f8f20a5e297d3c414a78f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
ETag
W/"60681-1696503844000"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
60681
Keep-Alive
timeout=5, max=99
Date
Tue, 01 Oct 2024 14:25:45 GMT
Last-Modified
Thu, 05 Oct 2023 11:04:04 GMT
Content-Type
application/javascript
css
fonts.googleapis.com/ 		2 KB
1001 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: testpayment.cmi.co.ma
URL: https://testpayment.cmi.co.ma/fim/resource2/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
158235a454c29707117f6570f40fcc1e7d143f14dc1af1085979b47cf19e4871
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 01 Oct 2024 14:25:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 14:25:45 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 01 Oct 2024 13:42:18 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
sffe /
Resource Hash
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://testpayment.cmi.co.ma
Referer
https://fonts.googleapis.com/

Response headers

age
402962
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 26 Sep 2025 22:29:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 26 Sep 2024 22:29:44 GMT
last-modified
Thu, 01 Aug 2024 20:41:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18536
x-xss-protection
0
server
sffe
favicon.ico
testpayment.cmi.co.ma/ 		209 B
614 B 		Other
General
Check archive.org
Download Go to
Full URL
https://testpayment.cmi.co.ma/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
194.204.226.184 Rabat, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
ll194-184-226-204-194.ll194.iam.net.ma
Software
/
Resource Hash
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://testpayment.cmi.co.ma/fim/est3Dgate

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Keep-Alive
timeout=5, max=98
Content-Length
209
Date
Tue, 01 Oct 2024 14:25:46 GMT
Content-Type
text/html; charset=iso-8859-1
Connection
Keep-Alive

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| getXMLHttpRequest function| validateCardBrand function| getInstalmentTable function| getInstalmentTableIfParamNotSent function| getInstalmentReadyStateHandler function| getInstalmentReadyStateHandlerIfParamNotSent function| clearInstalment function| addElement function| validateCard function| validateCard_adr function| getReadyStateHandler function| allsame function| submitform function| executer1 function| popup2 function| AppendChild function| validatePORequest function| getParameterByName object| jQuery110202068304472359377 string| url function| isChecked object| amountCur object| symbolCur object| currenciesList

3 Cookies

Domain/Path Name / Value
testpayment.cmi.co.ma/fim/ Name: JSESSIONID
Value: 66D8D1597E31E02D1A840DA1794C0E55
testpayment.cmi.co.ma/fim/ Name: TS015ec20e
Value: 0191bf8dee5daf08223cc093c25ff9d0cb1d2797f345bbf3f93d6774e358bce1b6aabe835b637132cf4b6722436ce2efb1adb1fb0745696edf4c69adb0d8350ca8d880c7ba
testpayment.cmi.co.ma/ Name: TS014b8e0b
Value: 0191bf8dee4f5cbc6bebd8bbf527c9b001e14d433a45bbf3f93d6774e358bce1b6aabe835ba170dc66f0bafafe11018d3595cea64a

2 Console Messages

Source Level URL
Text
network error URL: https://testcmi.alyf.ai/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://testpayment.cmi.co.ma/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
testcmi.alyf.ai
testpayment.cmi.co.ma
104.17.24.14
104.18.10.207
142.250.185.67
194.204.226.184
209.38.178.90
2a00:1450:4001:81c::200a
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
158235a454c29707117f6570f40fcc1e7d143f14dc1af1085979b47cf19e4871
27803a6c024ce96b7fca4efb59e8e1957db81f6405091ed7624278bdb10454d9
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a
69f878c65eeaea2402cc5516e270f115b6248970c5ddcb5546f4f07acded440d
6a83106cc100949b0343b956e5a020a206800eac015814dee11a0a86e5bdfed9
7970f31907d91bf0f19efe8aefee74d6f0a2d8c72b2f8f20a5e297d3c414a78f
86fd602c2e7b734a2d72522e22fa99ebf99b868c12822c4f0c19e22b86cd288a
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
a99d25bfc13dfa8b6749df087f799555757ce28d9ef410569e15cef9059ac5bf
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
c374efba54279628793f04e10ebf5d0c1b4dbc36b3f4132d9235f01d64ca5c8e
c406f865344457c1f7806a452b8df2c144edfe6a4799ebe1c2cde98f51ef03ba
c96106836e1f51a6df0b7aa4db38eb75e35cf1ed892a50a75aef4d96dec77854
d4d72ce6fdd8f17e5d45841cab12d3cd966e079dc6ea77a1beac07e08a41a5ea
e3d3f20b038393d7f1f3966720c1195aa4c5ca860cb763ae98ef1db79450edb5
f1c46075a2f2e4829e728dfbe4a1e36a3db29353c6159291f27145499784d7ea