URL: https://shellmaroc.wafr.co/
Submission: On August 23 via api from US — Scanned from US

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 9 HTTP transactions. The main IP is 2620:1ec:29:1::40, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is shellmaroc.wafr.co.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on August 23rd 2023. Valid for: a year.
This is the only time shellmaroc.wafr.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
3 | 2620:1ec:29:1... | 8075 (MICROSOFT...)
1 | 20.107.224.16 | 8075 (MICROSOFT...)
1 | 64.185.227.156 | 18450 (WEBNX)
1 | 2620:0:861:ed... | 14907 (WIKIMEDIA)
1 | 2600:141b:900... | 20940 (AKAMAI-ASN1)
1 | 81.192.44.66 | 6713 (IAM-AS)
1 | 2606:4700::68... | 13335 (CLOUDFLAR...)
Total: 9 requests, 7 IPs

Requests | Apex Domain | Subdomains | Transfer
4 | wafr.co | shellmaroc.wafr.co, api.wafr.co | 142 KB
1 | mapbusiness.ma | www.mapbusiness.ma | 31 KB
1 | iam.ma | www.iam.ma | 28 KB
1 | le360.ma | fr.le360.ma (Cisco Umbrella Rank: 602131) | 5 KB
1 | wikimedia.org | upload.wikimedia.org (Cisco Umbrella Rank: 3161) | 88 KB
1 | ipify.org | api.ipify.org (Cisco Umbrella Rank: 2997) | 222 B
Total: 9 requests, 6 apex domains

Requests | Domain | Requested by
3 | shellmaroc.wafr.co | shellmaroc.wafr.co
1 | www.mapbusiness.ma |
1 | www.iam.ma |
1 | fr.le360.ma |
1 | upload.wikimedia.org |
1 | api.ipify.org | shellmaroc.wafr.co
1 | api.wafr.co | shellmaroc.wafr.co
Total: 9 requests, 7 domains

This site contains no links.

Subject | Issuer | Validity | Valid
shellmaroc.wafr.co | DigiCert TLS RSA SHA256 2020 CA1 | 2023-08-23 - 2024-08-23 | a year
api.wafr.co | GeoTrust Global TLS RSA4096 SHA256 2022 CA1 | 2023-08-06 - 2024-02-06 | 6 months
*.ipify.org | Sectigo RSA Domain Validation Secure Server CA | 2023-02-07 - 2024-02-18 | a year
*.wikipedia.org | R3 | 2023-06-23 - 2023-09-21 | 3 months
le360.web.arc-cdn.net | R3 | 2023-08-17 - 2023-11-15 | 3 months
*.iam.ma | Go Daddy Secure Certificate Authority - G2 | 2023-02-16 - 2024-03-19 | a year
mapbusiness.ma | E1 | 2023-08-03 - 2023-11-01 | 3 months

This page contains 1 frame:

Primary Page: https://shellmaroc.wafr.co/
Frame ID: 000032D9FA9A7B2EB2D3EDEC9890B7B5
Requests: 9 HTTP requests in this frame

Page Title

Shell

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 9
HTTPS: 100 %
IPv6: 57 %
Domains: 6
Subdomains: 7
IPs: 7
Countries: 3
Transfer: 295 kB
Size: 587 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
shellmaroc.wafr.co/
640 B
1 KB
Document
General
Full URL
https://shellmaroc.wafr.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0aae6983c35d1a9106cbd6de9c208988dc429aabde06aff45e6f42dcfae0558e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
640
content-md5
f79pOwvlxeWeRTaJCWByPw==
content-type
text/html
date
Wed, 23 Aug 2023 12:31:22 GMT
etag
"0x8DBA2FA3C75FE3E"
last-modified
Tue, 22 Aug 2023 10:26:24 GMT
x-azure-ref
0GvzlZAAAAACCRlxXanMURqF/1NvouuDsQk4xQUEyMDUxMDE5MDA5ADA0YThjNmE1LWQ2YTgtNGZkNi05Nzk0LWNlODJmYzdkY2ZkZg==
x-azure-ref-originshield
0GvzlZAAAAADkGOexYNPvRrPIQoM8wI6MTU5aMjIxMDYwNjExMDM3ADA0YThjNmE1LWQ2YTgtNGZkNi05Nzk0LWNlODJmYzdkY2ZkZg==
x-cache
TCP_MISS
x-ms-request-id
9f5f7c57-901e-004a-6dbd-d517f3000000
x-ms-version
2018-03-28
main.c31a9a2a.js
shellmaroc.wafr.co/static/js/
416 KB
122 KB
Script
General
Full URL
https://shellmaroc.wafr.co/static/js/main.c31a9a2a.js
Requested by
Host: shellmaroc.wafr.co
URL: https://shellmaroc.wafr.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6323d2f3b0bc7b4c87bd91075edba5b3944b667183a406094588fa30ab8c9cc3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://shellmaroc.wafr.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 12:31:22 GMT
content-encoding
br
last-modified
Tue, 22 Aug 2023 10:26:24 GMT
x-azure-ref-originshield
0GvzlZAAAAAADXzTmAbOQT4+fjwL7eJnVTU5aMjIxMDYwNjExMDQ1ADA0YThjNmE1LWQ2YTgtNGZkNi05Nzk0LWNlODJmYzdkY2ZkZg==
content-md5
+lBlMD8T+KfHWG8lcVDEYw==
etag
"0x8DBA2FA3CC01BE9"
x-azure-ref
0GvzlZAAAAAC/5srS59gJTqIiWwTecHmgQk4xQUEyMDUxMDE5MDA5ADA0YThjNmE1LWQ2YTgtNGZkNi05Nzk0LWNlODJmYzdkY2ZkZg==
x-cache
TCP_MISS
content-type
application/javascript
x-ms-request-id
4fa0f9ad-f01e-0097-26bd-d5e271000000
x-ms-version
2018-03-28
accept-ranges
bytes
main.8d23cf37.css
shellmaroc.wafr.co/static/css/
2 KB
1 KB
Stylesheet
General
Full URL
https://shellmaroc.wafr.co/static/css/main.8d23cf37.css
Requested by
Host: shellmaroc.wafr.co
URL: https://shellmaroc.wafr.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:29:1::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7edbcdf4645a9f42b8525ecd840dcc9485cfbbb2febec3f734c511d0907f0c8b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://shellmaroc.wafr.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 12:31:22 GMT
content-encoding
br
last-modified
Tue, 22 Aug 2023 10:26:25 GMT
x-azure-ref-originshield
0GvzlZAAAAAB10Xe/wHWcR6bM+z3D8l7fTU5aMjIxMDYwNjExMDQ1ADA0YThjNmE1LWQ2YTgtNGZkNi05Nzk0LWNlODJmYzdkY2ZkZg==
content-md5
o+dyC+29h/zgu2RpyRfJnA==
etag
"0x8DBA2FA3D4CB740"
x-azure-ref
0GvzlZAAAAADI1rmwJnz2TIRVAarkkohpQk4xQUEyMDUxMDE5MDA5ADA0YThjNmE1LWQ2YTgtNGZkNi05Nzk0LWNlODJmYzdkY2ZkZg==
x-cache
TCP_MISS
content-type
text/css
x-ms-request-id
8693e550-401e-0059-6cbd-d533ff000000
x-ms-version
2018-03-28
accept-ranges
bytes
GetTopupOffers
api.wafr.co/api/applicationConfigs/
18 KB
18 KB
XHR
General
Full URL
https://api.wafr.co/api/applicationConfigs/GetTopupOffers
Requested by
Host: shellmaroc.wafr.co
URL: https://shellmaroc.wafr.co/static/js/main.c31a9a2a.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.107.224.16 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Kestrel /
Resource Hash
bb61bd9e1d023b33033c58c54fe7b710d2696e89169bde3eefb8a32e59e342f3
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json, text/plain, */*
Referer
https://shellmaroc.wafr.co/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Aug 2023 12:31:23 GMT
Strict-Transport-Security
max-age=2592000
Content-Type
application/json; charset=utf-8
Server
Kestrel
Content-Length
18189
Request-Context
appId=cid-v1:3ba9a1dc-ab91-4927-a51a-2e1eaa6dff33
/
api.ipify.org/
22 B
222 B
Fetch
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: shellmaroc.wafr.co
URL: https://shellmaroc.wafr.co/static/js/main.c31a9a2a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
64.185.227.156 Los Angeles, United States, ASN18450 (WEBNX, US),
Reverse DNS
64-185-227-156.static.webnx.com
Software
nginx/1.25.1 /
Resource Hash
c3f0c5bd17ead8dcb853264a2c853c2b6612212c0c17d0742d458412886257f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://shellmaroc.wafr.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 23 Aug 2023 12:31:24 GMT
Server
nginx/1.25.1
Connection
keep-alive
Content-Length
22
Vary
Origin
Content-Type
application/json
1200px-Shell_logo.svg.png
upload.wikimedia.org/wikipedia/en/thumb/e/e8/Shell_logo.svg/
87 KB
88 KB
Image
General
Full URL
https://upload.wikimedia.org/wikipedia/en/thumb/e/e8/Shell_logo.svg/1200px-Shell_logo.svg.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:861:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/9.1.4 /
Resource Hash
fe2bae5a4d129aafae03246b7cf4ebf3856c10cb4b2105e7dd6270625c5aa4a7
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://shellmaroc.wafr.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 03:01:52 GMT
strict-transport-security
max-age=106384710; includeSubDomains; preload
x-content-type-options
nosniff
nel
{ "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age
34171
x-cache-status
hit-front
x-cache
cp1076 hit, cp1090 hit/5
content-disposition
inline;filename*=UTF-8''Shell_logo.svg.png
server-timing
cache;desc="hit-front", host;desc="cp1090"
content-length
89516
x-client-ip
2001:550:1d05:1::10
last-modified
Sun, 23 Jan 2022 05:57:14 GMT
server
ATS/9.1.4
etag
10b7c980d69465dc1a02e23906a36e97
report-to
{ "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges
bytes
timing-allow-origin
*
RD2KJECT6NA7TCYUIFXEXXB6VU.jpg
fr.le360.ma/resizer/9VVKJiC3oPM658FSpMOX1pLUTvE=/1200x630/cloudfront-eu-central-1.images.arcpublishing.com/le360/
5 KB
5 KB
Image
General
Full URL
https://fr.le360.ma/resizer/9VVKJiC3oPM658FSpMOX1pLUTvE=/1200x630/cloudfront-eu-central-1.images.arcpublishing.com/le360/RD2KJECT6NA7TCYUIFXEXXB6VU.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::687c:2a9 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
64138ad3e4ddcb70af45f5be5b4fc4699a09805363bf0eaacdbdc2393be12093
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests, upgrade-insecure-requests

Request headers

accept-language
en-US,en;q=0.9
Referer
https://shellmaroc.wafr.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

akamai-true-ttl
31536000
content-security-policy
upgrade-insecure-requests, upgrade-insecure-requests
date
Wed, 23 Aug 2023 12:31:25 GMT
last-modified
Tue, 22 Aug 2023 08:53:16 GMT
server
Akamai Image Manager
etag
"2b0ff143e9f08dec56dc258a13cd6dd5ad735d45"
x-arc-request-id
0.a5027c68.1692793885.1aa531ab
content-type
image/avif
cache-control
private, no-transform, max-age=31436568
content-length
4635
expires
Wed, 21 Aug 2024 08:54:13 GMT
maroc-telecom-bleu-fr-grande.jpg
www.iam.ma/ImagesMarocTelecom/Phototh%C3%A8que/Images-grandes/
28 KB
28 KB
Image
General
Full URL
https://www.iam.ma/ImagesMarocTelecom/Phototh%C3%A8que/Images-grandes/maroc-telecom-bleu-fr-grande.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
81.192.44.66 Mohammedia, Morocco, ASN6713 (IAM-AS, MA),
Reverse DNS
adsl-66-44-192-81.adsl.iam.net.ma
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
972a0a911c5e3476065b0617d154fce5ce063b53c98f4beb640351a23a1c0d72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://shellmaroc.wafr.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date
Wed, 23 Aug 2023 12:14:51 GMT
X-Content-Type-Options
nosniff
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
request-id
e847d3a0-a31e-c0bd-0c38-a5f3ad6dfe5c
Content-Length
28233
MicrosoftSharePointTeamServices
16.0.0.10381
X-MS-InvokeApp
1; RequireReadOnly
Last-Modified
Mon, 18 Aug 2014 04:45:39 GMT
Server
Microsoft-IIS/10.0
SPRequestGuid
e847d3a0-a31e-c0bd-0c38-a5f3ad6dfe5c
ETag
"{BE4F83FB-A798-49B7-AEDB-32089C04DB24},8pub"
X-FRAME-OPTIONS
SAMEORIGIN
Content-Type
image/jpeg
Cache-Control
public, max-age=86400
Accept-Ranges
bytes
orange-logo.jpg
www.mapbusiness.ma/wp-content/uploads/2023/03/
31 KB
31 KB
Image
General
Full URL
https://www.mapbusiness.ma/wp-content/uploads/2023/03/orange-logo.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1d50 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
144f44aff709ad2a956d4694eaf016b9fc102b616192f21c4916d6a3865a2e71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://shellmaroc.wafr.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date
Wed, 23 Aug 2023 12:31:25 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 19:10:26 GMT
server
cloudflare
etag
"7c37-5f6ccdd0e72ed"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
7fb35f555a490325-MIA
content-length
31799

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object | documentPictureInPicture
object | webpackChunkshell

0 Cookies