2m.ma Open in urlscan Pro
104.20.14.136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.laxmanpalace.com/home/PayPal/app/signin
Effective URL:
https://2m.ma/ar/
Submission Tags: phishing malicious Search All
Submission: On February 09 via api (February 9th 2020, 9:57:58 pm UTC) from US

Summary HTTP 16 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 16 HTTP transactions. The main IP is 104.20.14.136, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2m.ma.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on February 8th 2020. Valid for: 6 months.

This is the only time 2m.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 1	103.212.121.77 103.212.121.77		133296 (WEBWERKS-...) (WEBWERKS-AS-IN Web Werks India Pvt. Ltd.)
1 10	104.20.14.136 104.20.14.136		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200e		15169 (GOOGLE) (GOOGLE)
3	104.20.13.136 104.20.13.136		13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	4

1 103.212.121.77 (India) 1 redirects

ASN133296 (WEBWERKS-AS-IN Web Werks India Pvt. Ltd., IN)
PTR: eternal.herosite.pro

www.laxmanpalace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.20.14.136 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

2m.ma	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.20.13.136 (United States)

ASN13335 (CLOUDFLARENET, US)

2m.ma	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	2m.ma 1 redirects 2m.ma	238 KB
1	google-analytics.com www.google-analytics.com	18 KB
1	laxmanpalace.com 1 redirects www.laxmanpalace.com	96 B
0	doubleclick.net Failed stats.g.doubleclick.net Failed
16	4

	Domain	Requested by
13	2m.ma	1 redirects 2m.ma
1	www.google-analytics.com	2m.ma
1	www.laxmanpalace.com	1 redirects
0	stats.g.doubleclick.net Failed	2m.ma
16	4

This site contains no links.

Subject Issuer	Validity	Valid
ssl368117.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-08` - `2020-08-16`	6 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-21` - `2020-04-14`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://2m.ma/ar/
Frame ID: B10A588E1AE8E8CEA6C4A12ADAC88673
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.laxmanpalace.com/home/PayPal/app/signin HTTP 302
https://2m.ma/ HTTP 302
https://2m.ma/ar/ Page URL

Detected technologies

Python (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)/i

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

script /\/recaptcha\/api\.js/i

Page Statistics

16
Requests

81 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

255 kB
Transfer

363 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.laxmanpalace.com/home/PayPal/app/signin HTTP 302
https://2m.ma/ HTTP 302
https://2m.ma/ar/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1310386371&t=pageview&_s=1&dl=https%3A%2F%2F2m.ma%2Far%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%202M&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=732410694&gjid=149306331&cid=1727530578.1581285444&tid=UA-16439051-2&_gid=1226404782.1581285444&_r=1&z=1870419202 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16439051-2&cid=1727530578.1581285444&jid=732410694&_gid=1226404782.1581285444&gjid=149306331&_v=j80&z=1870419202

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request /
2m.ma/ar/
Redirect Chain

https://www.laxmanpalace.com/home/PayPal/app/signin
https://2m.ma/
https://2m.ma/ar/

30 KB
0

132ms
131ms

Document
text/html

104.20.14.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: 2m.ma
:scheme: https
:path: /ar/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
cookie: __cfduid=d7f67ac89fc953a630c065efa764655c21581285444
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-User: ?1

Response headers

status: 200
date: Sun, 09 Feb 2020 21:57:24 GMT
content-type: text/html; charset=utf-8
vary: Cookie
x-cache-ttl: 2m
content-language: ar
set-cookie: csrftoken=hJoC39OafnH4HrF3YIPHiT1YmHX7hpfX; expires=Sun, 07-Feb-2021 21:56:54 GMT; Max-Age=31449600; Path=/
x-varnish: 257197405 241474037
age: 30
via: 1.1 varnish-v4
x-cache: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5629194acb3abdd2-AMS
content-encoding: gzip

Redirect headers

status: 302
date: Sun, 09 Feb 2020 21:57:24 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d7f67ac89fc953a630c065efa764655c21581285444; expires=Tue, 10-Mar-20 21:57:24 GMT; path=/; domain=.2m.ma; HttpOnly; SameSite=Lax
vary: Cookie
location: /ar/
x-varnish: 249465798
age: 0
via: 1.1 varnish-v4
x-cache: MISS
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 56291949b9e3bdd2-AMS

GET
H2 200 vSC4oVFecTkvtww2xzzNkkv_C9Q.js Show response
2m.ma/cdn-cgi/apps/head/ 6 KB
2 KB 27ms
25ms Script
application/javascript 104.20.14.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2m.ma/cdn-cgi/apps/head/vSC4oVFecTkvtww2xzzNkkv_C9Q.js
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569f0615d7b0e6cb50dcf3ea74ce5eaddd77fa8de79d5953db9738b36806f4df

Request headers

Referer: https://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 09 Feb 2020 21:57:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3192598
status: 200
content-type: application/javascript; charset=utf-8
content-length: 2027
x-amz-id-2: q80DbZNiy0NAwLEsTsMpzTSd6JrCAy6rtSAglCT6NiFFUTtIv0dMbMJQjdgFZ2kB/X+5LIITjK0=
last-modified: Mon, 24 Jul 2017 18:55:15 GMT
server: cloudflare
etag: "c0c26b2684deb69268c2bfdfc6f204af"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: CDACE07C6B462C1B
cache-control: public, max-age=31536000
x-amz-version-id: 4HHJdEJ.JxixMocvJZ1cXxy6vjd4PQrN
accept-ranges: bytes
cf-ray: 5629194bac48bdd2-AMS

GET
H2 200 desktop.arabic.min.css
2m.ma/static/generated/ 63 KB
13 KB 32ms
30ms Stylesheet
text/css 104.20.14.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2m.ma/static/generated/desktop.arabic.min.css?t=32484
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7c03edd0c270ae16580c6f098929ff3d9352b56adaab1864f157dc2413b87d

Request headers

Referer: https://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 09 Feb 2020 21:57:24 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 452607
x-cache: MISS
status: 200
content-type: text/css
content-length: 13393
pragma: public
last-modified: Sat, 30 Dec 2017 00:11:50 GMT
server: cloudflare
etag: W/"5a46d9c6-fa58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 5806881
via: 1.1 varnish-v4
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 5629194bac44bdd2-AMS
expires: Tue, 11 Feb 2020 16:13:57 GMT

GET
H2 200 2m.png
2m.ma/static/images/animated-logo/ 5 KB
5 KB 41ms
39ms Image
image/png 104.20.14.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2m.ma/static/images/animated-logo/2m.png
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9df1486c30794a66038424122c0610a2c0af663fc839fc72caff730a7742d23d

Request headers

Referer: https://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 09 Feb 2020 21:57:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 169962
x-cache: MISS
status: 200
content-type: image/png
content-length: 5173
pragma: public
last-modified: Tue, 06 Sep 2016 10:00:56 GMT
server: cloudflare
etag: "57ce93d8-1435"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 710312425
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 5629194bac4abdd2-AMS
expires: Fri, 14 Feb 2020 22:44:42 GMT

GET
H2 200 shape.png
2m.ma/static/images/animated-logo/ 4 KB
4 KB 33ms
32ms Image
image/png 104.20.14.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2m.ma/static/images/animated-logo/shape.png
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 987be6f0e092cb97f4e2218d5035a0f05bf4e25db73992e236ca4b449ee22758

Request headers

Referer: https://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 09 Feb 2020 21:57:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 169962
x-cache: MISS
status: 200
content-type: image/png
content-length: 4207
pragma: public
last-modified: Fri, 07 Oct 2016 11:36:19 GMT
server: cloudflare
etag: "57f788b3-106f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 145458461
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 5629194bac4dbdd2-AMS
expires: Fri, 14 Feb 2020 22:44:42 GMT

GET
H2 200 ma.png
2m.ma/static/images/animated-logo/ 4 KB
4 KB 31ms
31ms Image
image/png 104.20.14.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2m.ma/static/images/animated-logo/ma.png
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52a2de38a98b958dd6355e62686e814f62bfbab13fb3f9322cae3e6dc734890d

Request headers

Referer: https://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 09 Feb 2020 21:57:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 166030
x-cache: MISS
status: 200
content-type: image/png
content-length: 4345
pragma: public
last-modified: Fri, 07 Oct 2016 11:36:19 GMT
server: cloudflare
etag: "57f788b3-10f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 145492524
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 5629194bdc80bdd2-AMS
expires: Fri, 14 Feb 2020 23:50:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 2m.ma
URL: https://2m.ma/cdn-cgi/apps/head/vSC4oVFecTkvtww2xzzNkkv_C9Q.js

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 01:10:36 GMT
server: Golfe2
age: 5032
date: Sun, 09 Feb 2020 20:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17926
expires: Sun, 09 Feb 2020 22:33:32 GMT

GET
H2 200 hide.png
2m.ma/static/images/animated-logo/ 3 KB
3 KB 33ms
32ms Image
image/png 104.20.14.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2m.ma/static/images/animated-logo/hide.png
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da26e1f59a27221d029f34d10b6601cdf5d44bc31f4141d49c630af74ccdbab3

Request headers

Referer: https://2m.ma/static/generated/desktop.arabic.min.css?t=32484
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 09 Feb 2020 21:57:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 160067
x-cache: MISS
status: 200
content-type: image/png
content-length: 3057
pragma: public
last-modified: Tue, 06 Sep 2016 10:00:56 GMT
server: cloudflare
etag: "57ce93d8-bf1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 724767703
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 5629194bec92bdd2-AMS
expires: Sat, 15 Feb 2020 01:29:37 GMT

GET
H2 200 roboto-regular-webfont.woff2
2m.ma/static/fonts/ 19 KB
19 KB 30ms
30ms Font
text/html 104.20.14.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2m.ma/static/fonts/roboto-regular-webfont.woff2
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0081cc7cea10244f3bae6bad75c914768ece17953b86ce3a2b5c99d21c9815e6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2m.ma/static/generated/desktop.arabic.min.css?t=32484
Origin: https://2m.ma

Response headers

date: Sun, 09 Feb 2020 21:57:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 209293
cf-ray: 5629194bec90bdd2-AMS
x-cache: MISS
status: 200
content-encoding: gzip
pragma: public
last-modified: Wed, 20 Jul 2016 08:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 115344251
cache-control: public, max-age=604800
content-type: text/html
expires: Fri, 14 Feb 2020 11:49:11 GMT

GET
H2 200 droidkufi-regular-webfont.woff2
2m.ma/static/fonts/ 0
0 37ms
37ms Font
text/html 104.20.14.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2m.ma/static/fonts/droidkufi-regular-webfont.woff2
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.14.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2m.ma/static/generated/desktop.arabic.min.css?t=32484
Origin: https://2m.ma

Response headers

date: Sun, 09 Feb 2020 21:57:24 GMT
via: 1.1 varnish-v4
cf-cache-status: HIT
age: 261399
cf-ray: 5629194beca4bdd2-AMS
x-cache: MISS
status: 200
content-encoding: gzip
pragma: public
last-modified: Wed, 20 Jul 2016 08:28:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 107513321
cache-control: public, max-age=604800
content-type: text/html
expires: Thu, 13 Feb 2020 21:20:44 GMT

GET

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j80&a=1310386371&t=pageview&_s=1&dl=https%3A%2F%2F2m.ma%2Far%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%202M&sd=2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16439051-2&cid=1727530578.1581285444&jid=732410694&_gid=1226404782.1581285444&gjid=149306331&_v=j80&z=1870419202

0
0

GET roboto-medium-webfont.woff2
2m.ma/static/fonts/ 0
0

GET droidkufi-bold-webfont.woff2
2m.ma/static/fonts/ 0
0

GET
H2 200 roboto-medium-webfont.woff
2m.ma/static/fonts/ 25 KB
25 KB 2374ms
2340ms Font
application/font-woff 104.20.13.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2m.ma/static/fonts/roboto-medium-webfont.woff
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce082ea9fec60e4c64cbd40981d987f220586f2fb593358d10d4099e5eebae58

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2m.ma/static/generated/desktop.arabic.min.css?t=32484
Origin: https://2m.ma

Response headers

date: Sun, 09 Feb 2020 21:57:26 GMT
via: 1.1 varnish-v4
cf-cache-status: MISS
x-cache: MISS
status: 200
content-encoding: gzip
content-type: application/font-woff
pragma: public
last-modified: Wed, 20 Jul 2016 08:28:10 GMT
server: cloudflare
etag: W/"578f361a-627c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 261357943
cache-control: public, max-age=604800
cf-ray: 5629194c6aaed915-AMS
expires: Sun, 16 Feb 2020 21:57:26 GMT

GET
H2 200 droidkufi-bold-webfont.woff
2m.ma/static/fonts/ 80 KB
80 KB 2493ms
2459ms Font
application/font-woff 104.20.13.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2m.ma/static/fonts/droidkufi-bold-webfont.woff
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b48986575f783b877e48d749f70b6ba9289db70a0b85f7686ee9a7f8144eafaa

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2m.ma/static/generated/desktop.arabic.min.css?t=32484
Origin: https://2m.ma

Response headers

date: Sun, 09 Feb 2020 21:57:26 GMT
via: 1.1 varnish-v4
cf-cache-status: MISS
x-cache: MISS
status: 200
content-encoding: gzip
content-type: application/font-woff
pragma: public
last-modified: Wed, 20 Jul 2016 08:28:10 GMT
server: cloudflare
etag: W/"578f361a-140bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 258867546
cache-control: public, max-age=604800
cf-ray: 5629194c6ab4d915-AMS
expires: Sun, 16 Feb 2020 21:57:26 GMT

GET
H2 200 droidkufi-regular-webfont.woff
2m.ma/static/fonts/ 81 KB
81 KB 2502ms
2469ms Font
application/font-woff 104.20.13.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2m.ma/static/fonts/droidkufi-regular-webfont.woff
Requested by: Host: 2m.ma
URL: https://2m.ma/ar/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.13.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76fb8f544b80acb1019eb6a3608ff4270be0aa9b9d2291af19c6dc697be57fb9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://2m.ma/static/generated/desktop.arabic.min.css?t=32484
Origin: https://2m.ma

Response headers

date: Sun, 09 Feb 2020 21:57:26 GMT
via: 1.1 varnish-v4
cf-cache-status: MISS
x-cache: MISS
status: 200
content-encoding: gzip
content-type: application/font-woff
pragma: public
last-modified: Wed, 20 Jul 2016 08:28:10 GMT
server: cloudflare
etag: W/"578f361a-14448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 260145948
cache-control: public, max-age=604800
cf-ray: 5629194c6ab1d915-AMS
expires: Sun, 16 Feb 2020 21:57:26 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: stats.g.doubleclick.net
URL: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-16439051-2&cid=1727530578.1581285444&jid=732410694&_gid=1226404782.1581285444&gjid=149306331&_v=j80&z=1870419202

Domain: 2m.ma
URL: https://2m.ma/static/fonts/roboto-medium-webfont.woff2

Domain: 2m.ma
URL: https://2m.ma/static/fonts/droidkufi-bold-webfont.woff2

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2m.ma
stats.g.doubleclick.net
www.google-analytics.com
www.laxmanpalace.com
2m.ma
stats.g.doubleclick.net
103.212.121.77
104.20.13.136
104.20.14.136
2a00:1450:4001:806::200e
0081cc7cea10244f3bae6bad75c914768ece17953b86ce3a2b5c99d21c9815e6
2e7c03edd0c270ae16580c6f098929ff3d9352b56adaab1864f157dc2413b87d
52a2de38a98b958dd6355e62686e814f62bfbab13fb3f9322cae3e6dc734890d
569f0615d7b0e6cb50dcf3ea74ce5eaddd77fa8de79d5953db9738b36806f4df
76fb8f544b80acb1019eb6a3608ff4270be0aa9b9d2291af19c6dc697be57fb9
987be6f0e092cb97f4e2218d5035a0f05bf4e25db73992e236ca4b449ee22758
9df1486c30794a66038424122c0610a2c0af663fc839fc72caff730a7742d23d
b48986575f783b877e48d749f70b6ba9289db70a0b85f7686ee9a7f8144eafaa
ce082ea9fec60e4c64cbd40981d987f220586f2fb593358d10d4099e5eebae58
da26e1f59a27221d029f34d10b6601cdf5d44bc31f4141d49c630af74ccdbab3
e7edf06d6436ec9420c26e56bd02ef5f5c93a9fb189ed16b1db402e57a0ea796