2m.ma Open in urlscan Pro
104.20.13.136 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://old-antiek.ru/Gold/app/signin
Effective URL:
http://2m.ma/ar/
Submission Tags: phishing malicious Search All
Submission: On May 19 via api (May 19th 2020, 1:35:19 pm UTC) from US

Summary HTTP 28 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 3 domains to perform 28 HTTP transactions. The main IP is 104.20.13.136, located in United States and belongs to CLOUDFLARENET, US. The main domain is 2m.ma.

This is the only time 2m.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	81.177.140.93 81.177.140.93	8342 (RTCOMM-AS) (RTCOMM-AS)
1 6	104.20.13.136 104.20.13.136	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
28	3

1 81.177.140.93 (Moscow, Russian Federation) 1 redirects

ASN8342 (RTCOMM-AS, RU)
PTR: srv87-h-st.jino.ru

old-antiek.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.20.13.136 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

2m.ma	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	2m.ma 1 redirects 2m.ma	24 KB
1	google-analytics.com www.google-analytics.com	18 KB
1	old-antiek.ru 1 redirects old-antiek.ru	323 B
28	3

	Domain	Requested by
6	2m.ma	1 redirects 2m.ma
1	www.google-analytics.com	2m.ma
1	old-antiek.ru	1 redirects
28	3

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://2m.ma/ar/
Frame ID: F408FAE2D07DCBE9CB31D029A23987FA
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://old-antiek.ru/Gold/app/signin HTTP 302
http://2m.ma/ HTTP 302
http://2m.ma/ar/ Page URL

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

28
Requests

4 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

41 kB
Transfer

238 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://old-antiek.ru/Gold/app/signin HTTP 302
http://2m.ma/ HTTP 302
http://2m.ma/ar/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 12

http://www.google-analytics.com/r/collect?v=1&_v=j82&a=1331425320&t=pageview&_s=1&dl=http%3A%2F%2F2m.ma%2Far%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%202M&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1051937302&gjid=2088108058&cid=623082786.1589895298&tid=UA-16439051-2&_gid=2118228185.1589895298&_r=1&z=1678873135 HTTP 307
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1331425320&t=pageview&_s=1&dl=http%3A%2F%2F2m.ma%2Far%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%202M&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1051937302&gjid=2088108058&cid=623082786.1589895298&tid=UA-16439051-2&_gid=2118228185.1589895298&_r=1&z=1678873135

28 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set /
2m.ma/ar/
Redirect Chain

https://old-antiek.ru/Gold/app/signin
http://2m.ma/
http://2m.ma/ar/

119 KB
0

172ms
172ms

Document
text/html

104.20.13.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://2m.ma/ar/
Protocol: HTTP/1.1
Server: 104.20.13.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Host: 2m.ma
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Cookie: __cfduid=da361d362cd460d8764c0173522dec51e1589895297
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 19 May 2020 13:34:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Cookie
X-Cache-ttl: 1m
Content-Language: ar
Set-Cookie: csrftoken=kG0qm0EygSCMjc91T8s70YReARrkEPio; expires=Tue, 18-May-2021 13:33:59 GMT; Max-Age=31449600; Path=/
X-Varnish: 503138773 508399361
Age: 59
Via: 1.1 varnish-v4
X-Cache: HIT
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 595e32ca3a87d905-AMS
Content-Encoding: gzip
cf-request-id: 02cebe12640000d905cf228200000001

Redirect headers

Date: Tue, 19 May 2020 13:34:57 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=da361d362cd460d8764c0173522dec51e1589895297; expires=Thu, 18-Jun-20 13:34:57 GMT; path=/; domain=.2m.ma; HttpOnly; SameSite=Lax
Vary: Cookie
Location: /ar/
X-Varnish: 503138770
Age: 0
Via: 1.1 varnish-v4
X-Cache: MISS
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 595e32c9087dd905-AMS
cf-request-id: 02cebe11a10000d905cf219200000001

GET
H/1.1 200
OK vSC4oVFecTkvtww2xzzNkkv_C9Q.js
2m.ma/cdn-cgi/apps/head/ 6 KB
3 KB 132ms
100ms Script
application/javascript 104.20.13.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://2m.ma/cdn-cgi/apps/head/vSC4oVFecTkvtww2xzzNkkv_C9Q.js
Requested by: Host: 2m.ma
URL: http://2m.ma/ar/
Protocol: HTTP/1.1
Server: 104.20.13.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 19 May 2020 13:34:57 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 979681
CF-RAY: 595e32cbb92a9d5a-AMS
Connection: keep-alive
Content-Length: 2027
x-amz-id-2: ZsMRCIaICROrevX//CZWAUm8p/7lO0N4+hy1tEfqZU+HSvujUCxihpi/JwLXXE1BEnATsfGMyzQ=
Last-Modified: Mon, 24 Jul 2017 18:55:15 GMT
Server: cloudflare
ETag: "c0c26b2684deb69268c2bfdfc6f204af"
Vary: Accept-Encoding
x-amz-request-id: 7B4FBC9A1845177D
Cache-Control: public, max-age=31536000
x-amz-version-id: 4HHJdEJ.JxixMocvJZ1cXxy6vjd4PQrN
cf-request-id: 02cebe135300009d5a6a891200000001
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK desktop.arabic.min.css
2m.ma/static/generated/ 63 KB
14 KB 158ms
127ms Stylesheet
text/css 104.20.13.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://2m.ma/static/generated/desktop.arabic.min.css?t=32484
Requested by: Host: 2m.ma
URL: http://2m.ma/ar/
Protocol: HTTP/1.1
Server: 104.20.13.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 19 May 2020 13:34:57 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Age: 109258
Transfer-Encoding: chunked
X-Cache: MISS
Content-Type: text/css
Connection: keep-alive
Content-Encoding: gzip
cf-request-id: 02cebe135200002b3e01a70200000001
Pragma: public
Last-Modified: Sat, 30 Dec 2017 00:11:50 GMT
Server: cloudflare
ETag: W/"5a46d9c6-fa58"
Vary: Accept-Encoding
X-Varnish: 94744018
Expires: Mon, 25 May 2020 07:13:59 GMT
Cache-Control: public, max-age=604800
CF-RAY: 595e32cbbbff2b3e-AMS
Cf-Bgj: h2pri

GET
H/1.1 200
OK 2m.png
2m.ma/static/images/animated-logo/ 5 KB
6 KB 71ms
70ms Image
image/png 104.20.13.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://2m.ma/static/images/animated-logo/2m.png
Requested by: Host: 2m.ma
URL: http://2m.ma/ar/
Protocol: HTTP/1.1
Server: 104.20.13.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 19 May 2020 13:34:57 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Age: 308044
CF-RAY: 595e32cc297e9d5a-AMS
X-Cache: MISS
Connection: keep-alive
Content-Length: 5173
cf-request-id: 02cebe139a00009d5a6a896200000001
Pragma: public
Last-Modified: Tue, 06 Sep 2016 10:00:56 GMT
Server: cloudflare
ETag: "57ce93d8-1435"
Vary: Accept-Encoding
X-Varnish: 205029625
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Type: image/png
Expires: Sat, 23 May 2020 00:00:53 GMT

GET shape.png
2m.ma/static/images/animated-logo/ 0
0

GET ma.png
2m.ma/static/images/animated-logo/ 0
0

GET sun.png
2m.ma/static/images/icons/ 0
0

GET
H2

200

analytics.js
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

45 KB
18 KB

7ms
7ms

Script
text/javascript

2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 2m.ma
URL: http://2m.ma/ar/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 2318
date: Tue, 19 May 2020 12:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Tue, 19 May 2020 14:56:19 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK fb.png
2m.ma/static/images/icons/ 1 KB
2 KB 113ms
71ms Image
image/png 104.20.13.136
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://2m.ma/static/images/icons/fb.png
Requested by: Host: 2m.ma
URL: http://2m.ma/ar/
Protocol: HTTP/1.1
Server: 104.20.13.136 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://2m.ma/ar/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 19 May 2020 13:34:58 GMT
Via: 1.1 varnish-v4
CF-Cache-Status: HIT
Age: 593291
X-Cache: MISS
Content-Type: image/png
Connection: keep-alive
Content-Length: 1073
cf-request-id: 02cebe13d300002b3e01a7a200000001
Pragma: public
Last-Modified: Wed, 20 Jul 2016 08:29:19 GMT
Server: cloudflare
ETag: "578f365f-431"
Vary: Accept-Encoding
X-Varnish: 7707538
Expires: Mon, 18 May 2020 12:31:34 GMT
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
CF-RAY: 595e32cc8c472b3e-AMS
Cf-Bgj: h2pri

GET youtube.png
2m.ma/static/images/icons/ 0
0

GET twitter.png
2m.ma/static/images/icons/ 0
0

GET instagram.png
2m.ma/static/images/icons/ 0
0

GET px.gif
2m.ma/static/images/ 0
0

GET

collect
www.google-analytics.com/r/
Redirect Chain

http://www.google-analytics.com/r/collect?v=1&_v=j82&a=1331425320&t=pageview&_s=1&dl=http%3A%2F%2F2m.ma%2Far%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%202M&sd=24-...
https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1331425320&t=pageview&_s=1&dl=http%3A%2F%2F2m.ma%2Far%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%202M&sd=24...

0
0

GET hide.png
2m.ma/static/images/animated-logo/ 0
0

GET user-header-widget.png
2m.ma/static/images/icons/ 0
0

GET mignifier-white.png
2m.ma/static/images/icons/ 0
0

GET hot-tags-label-arrow.png
2m.ma/static/images/rtl/ 0
0

GET landscape.png
2m.ma/static/images/icons/ 0
0

GET mainslides-overlay.png
2m.ma/static/images/ 0
0

GET user-gray.png
2m.ma/static/images/icons/ 0
0

GET article-clock.png
2m.ma/static/images/icons/ 0
0

GET play-btn.png
2m.ma/static/images/ 0
0

GET droidkufi-bold-webfont.woff2
2m.ma/static/fonts/ 0
0

GET droidkufi-regular-webfont.woff2
2m.ma/static/fonts/ 0
0

GET roboto-regular-webfont.woff2
2m.ma/static/fonts/ 0
0

GET roboto-light-webfont.woff2
2m.ma/static/fonts/ 0
0

GET roboto-medium-webfont.woff2
2m.ma/static/fonts/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: 2m.ma
URL: http://2m.ma/static/images/animated-logo/shape.png

Domain: 2m.ma
URL: http://2m.ma/static/images/animated-logo/ma.png

Domain: 2m.ma
URL: http://2m.ma/static/images/icons/sun.png

Domain: 2m.ma
URL: http://2m.ma/static/images/icons/youtube.png

Domain: 2m.ma
URL: http://2m.ma/static/images/icons/twitter.png

Domain: 2m.ma
URL: http://2m.ma/static/images/icons/instagram.png

Domain: 2m.ma
URL: http://2m.ma/static/images/px.gif

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1331425320&t=pageview&_s=1&dl=http%3A%2F%2F2m.ma%2Far%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9%20-%202M&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1051937302&gjid=2088108058&cid=623082786.1589895298&tid=UA-16439051-2&_gid=2118228185.1589895298&_r=1&z=1678873135

Domain: 2m.ma
URL: http://2m.ma/static/images/animated-logo/hide.png

Domain: 2m.ma
URL: http://2m.ma/static/images/icons/user-header-widget.png

Domain: 2m.ma
URL: http://2m.ma/static/images/icons/mignifier-white.png

Domain: 2m.ma
URL: http://2m.ma/static/images/rtl/hot-tags-label-arrow.png

Domain: 2m.ma
URL: http://2m.ma/static/images/icons/landscape.png

Domain: 2m.ma
URL: http://2m.ma/static/images/mainslides-overlay.png

Domain: 2m.ma
URL: http://2m.ma/static/images/icons/user-gray.png

Domain: 2m.ma
URL: http://2m.ma/static/images/icons/article-clock.png

Domain: 2m.ma
URL: http://2m.ma/static/images/play-btn.png

Domain: 2m.ma
URL: http://2m.ma/static/fonts/droidkufi-bold-webfont.woff2

Domain: 2m.ma
URL: http://2m.ma/static/fonts/droidkufi-regular-webfont.woff2

Domain: 2m.ma
URL: http://2m.ma/static/fonts/roboto-regular-webfont.woff2

Domain: 2m.ma
URL: http://2m.ma/static/fonts/roboto-light-webfont.woff2

Domain: 2m.ma
URL: http://2m.ma/static/fonts/roboto-medium-webfont.woff2

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2m.ma
old-antiek.ru
www.google-analytics.com
2m.ma
www.google-analytics.com
104.20.13.136
2a00:1450:4001:81c::200e
81.177.140.93

2m.ma Open in urlscan Pro 104.20.13.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

28 Requests

4 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

3 Countries

41 kBTransfer

238 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Indicators

2m.ma Open in urlscan Pro
104.20.13.136 Public Scan

Screenshot
Live screenshot

Full Image

28
Requests

4 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

3
Countries

41 kB
Transfer

238 kB
Size

0
Cookies

28 HTTP transactions
0 data transactions