Report - dcshop.ma/panel/m

Report Overview

Submitted URL
dcshop.ma/panel/m_shops?shipt.com
IP
185.178.208.141
ASN
#57724 Ddos-Guard Ltd
Submitted
2024-04-17 02:49:44
Access
public
Website Title
DOC-SHOP | Sign in
Final URL
dcshop.ma/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-16	1.6 kB	143 kB	216.58.207.227
dcshop.ma	unknown	2022-01-20	2022-01-20	2024-04-16	4.7 kB	1.6 MB	185.178.208.141
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-16	435 B	3.8 kB	104.17.25.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	dcshop.ma	Sinkholed
2024-04-17	medium	dcshop.ma	Sinkholed
2024-04-17	medium	dcshop.ma	Sinkholed
2024-04-17	medium	dcshop.ma	Sinkholed
2024-04-17	medium	dcshop.ma	Sinkholed
2024-04-17	medium	dcshop.ma	Sinkholed
2024-04-17	medium	dcshop.ma	Sinkholed
2024-04-17	medium	dcshop.ma	Sinkholed
2024-04-17	medium	dcshop.ma	Sinkholed

ThreatFox

No alerts detected

JavaScript (12)

	URL	Size	First Seen	Last Seen
	dcshop.ma/frontend/js/scripts.js	241 kB	2023-06-30	2024-04-24
Pretty URL dcshop.ma/frontend/js/scripts.js IP 185.178.208.141 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-30 03:16:46 Last Seen2024-04-24 16:14:54 Times Seen209 Hash 2c3b9bc9c1501adc7ea547d8584eb84d 9598b32c395b4e9eb527e878a1dec054e7d2ef66 ea7e1e6fdde7f920bbf0d6175026f2f704cd9f4fd2b7b7a3687cbe1d9ac15749 Loading...

	cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.10/clipboard.min.js	9.0 kB	2023-03-07	2024-04-30
Pretty URL cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.10/clipboard.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:35 Last Seen2024-04-30 00:27:17 Times Seen637 Hash ad98572d415d2f2452845a6068a913c0 6674f81dd01c76be986cf0a8172d1073e56d7ef4 baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1 Loading...

	dcshop.ma/	777 B	2023-06-30	2024-04-24
Pretty URL dcshop.ma/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 03:16:46 Last Seen2024-04-24 16:14:54 Times Seen106 Hash 2c612aab91668de1663b81933ffded2f a08df3954cdd0da12baab024a6cb8c12a0bc9f01 f67370a55b410ea04dc304c19ccfe069fca20f052b31c67f8677eaca43a14865 Loading...

	dcshop.ma/frontend/js/plugins.js	3.8 MB	2023-06-30	2024-04-24
Pretty URL dcshop.ma/frontend/js/plugins.js IP 185.178.208.141 ASN #57724 Ddos-Guard Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-30 03:16:46 Last Seen2024-04-24 16:14:54 Times Seen208 Hash 8e0861726db4f8117b260adfaba7d083 ba2ec4443a3206849c809ef8488a042f560d1e55 fb2112b2e399ba06f149f937c47de5cbb2da4191775dc4e1800570434972d064 Loading...

	dcshop.ma/	55 kB	2023-12-04	2024-04-24
Pretty URL dcshop.ma/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-04 10:01:18 Last Seen2024-04-24 16:14:54 Times Seen104 Hash ee45e0a7cf9977dfe6f667b10071735a 102b222b56583c97a1dd8efa2835565b5fc1a44e 7734c258ec72429d8fd354505ab48ef25bc3f9a0d7e8735f0c1b6941d86c00c7 Loading...

	dcshop.ma/	964 B	2023-06-30	2024-04-24
Pretty URL dcshop.ma/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 03:16:46 Last Seen2024-04-24 16:14:54 Times Seen114 Hash 61b177f531079bb093d55e74207c5c93 6b91c5695284a30a76d0320e7167d375dfbbeaf7 a8b448fd07ed852dbbf34eb7d9549505c3ff78e996756cb3d8139621e9f88e28 Loading...

	dcshop.ma/	20 B	2023-06-30	2024-04-24
Pretty URL dcshop.ma/ IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-30 03:16:46 Last Seen2024-04-24 16:14:54 Times Seen114 Hash a41c812412e06b2b59f9b6a795229228 1c30aa81d03e0cc0a412e9237e015fd95460d63c 32317d565f77f4e5596a27f05975e76c0851f0b49c7a45f085649873145bd47d Loading...

		Size	First Seen	Last Seen
	#1 Eval - 815f9ae6b813a7f3ce6b40c78f54ea8c	67 B	2023-06-30	2024-04-24
Pretty Observations First Seen2023-06-30 03:16:46 Last Seen2024-04-24 16:14:54 Times Seen108 Hash 815f9ae6b813a7f3ce6b40c78f54ea8c 48c84440ceb468b9aec10cb9a0de3ac8d595a144 605dd11c1489a3b8ef6ac3e7a5d466493072a96378810fa75208471bcaa95a89 Loading...

	#2 Eval - 11cfed14ce5f261b3d4bb832b38b1b1c	627 B	2023-06-30	2024-04-24
Pretty Observations First Seen2023-06-30 03:16:47 Last Seen2024-04-24 16:14:54 Times Seen107 Hash 11cfed14ce5f261b3d4bb832b38b1b1c 318fe251520aaa1ce526852a4c3dd102251eb607 e951422e3766a6ca3c502efa4923b42cc88a8c4c14e891eb0701280bd46592e7 Loading...

	#3 Eval - 460c4fddbd1fc74793bf40c145372ac0	41 kB	2023-12-04	2024-04-24
Pretty Observations First Seen2023-12-04 10:01:19 Last Seen2024-04-24 16:14:54 Times Seen96 Hash 460c4fddbd1fc74793bf40c145372ac0 fc8bf7aad378abec9fcf3bfb4483a9a3c560fee5 be486bf99a1d9a80f26b0cfe337f6177b90031821be645c42deba92914310e40 Loading...

	#4 Eval - 3c59f17bd65c01950ac0d72267cf1ab7	2.9 kB	2023-06-30	2024-04-24
Pretty Observations First Seen2023-06-30 03:16:46 Last Seen2024-04-24 16:14:54 Times Seen106 Hash 3c59f17bd65c01950ac0d72267cf1ab7 13a0440114f810a63a9196fd7465bfa3452b2b8e 4d07c203e680f64970c7b5397446edebefc6f35ecd091dba17b366817fd9270c Loading...

	#5 Eval - 31f7aad8099fbc80c5799bbd5edf7d1a	700 B	2023-06-30	2024-04-24
Pretty Observations First Seen2023-06-30 03:16:47 Last Seen2024-04-24 16:14:54 Times Seen111 Hash 31f7aad8099fbc80c5799bbd5edf7d1a ca82082fb9680d8325ac61204f6ede5f91c20952 ef8adacb5c551c020d77ced8833899c2d5069642d95d1de798de3ff00c8f6122 Loading...

HTTP Transactions (13)

URL IP Response Size

dcshop.ma/frontend/css/datatables.bundle.css

185.178.208.141

8.4 kB

URL
dcshop.ma/frontend/css/datatables.bundle.css
IP
185.178.208.141:0
ASN
#57724 Ddos-Guard Ltd

File type
Unicode text, UTF-8 text, with very long lines (546), with CRLF line terminators
Size
8.4 kB (8397 bytes)
Hash
e9a4d7823ec80ca0b6c87dd21818bb6e
33bdaf319955b1a4b37165cb3c86baff14448539
604cc54ef971b571b3c544099661c26e40098b4b32f3fee608cfc11eb4d3e078

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/css/datatables.bundle.css HTTP/1.1
Host: dcshop.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/
Cookie: __ddg1_=LmlTUjeWd0NhfISTHlH1; PHPSESSID=677e7b137ce9b234039178d4e894fd1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 16 Apr 2024 10:56:07 GMT
content-type: text/css
last-modified: Thu, 22 Dec 2022 12:12:42 GMT
etag: W/"63a449ba-9ff2"
content-encoding: gzip
age: 57191
content-length: 8397
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.10/clipboard.min.js

104.17.25.14

2.8 kB

URL
cdnjs.cloudflare.com/ajax/libs/clipboard.js/2.0.10/clipboard.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8941)
Size
2.8 kB (2797 bytes)
Hash
ad98572d415d2f2452845a6068a913c0
6674f81dd01c76be986cf0a8172d1073e56d7ef4
baff7541be9c20f7f977f6993ce39cfa937a7bde69db6e7beebb8f68372682a1

HTTP Headers

GET /ajax/libs/clipboard.js/2.0.10/clipboard.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 17 Apr 2024 02:49:18 GMT
content-type: application/javascript; charset=utf-8
content-length: 2797
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61faba8a-aed"
last-modified: Wed, 02 Feb 2022 17:08:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 539017
expires: Mon, 07 Apr 2025 02:49:18 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ffxyiqYfSfbKxvsM2h%2FX70C2n%2BbEK8WBryCXsjEdTgasC1FTKOXxC1dslTGd3F29za%2Fj1%2FMVbYsXKI31PKDxfPkefgvIe2%2FAYe7LWLAkCnNX4KS6QAbWG%2FH9Zer5xF1BQxKnGHZn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875919e10f7d56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dcshop.ma/frontend/css/plugins.css

185.178.208.141

118 kB

URL
dcshop.ma/frontend/css/plugins.css
IP
185.178.208.141:0
ASN
#57724 Ddos-Guard Ltd

File type
ASCII text, with CRLF, CR line terminators
Size
118 kB (118417 bytes)
Hash
bff066c6932f0b6b0bad7500a03adcd1
b815edd3a690a939ca1ec611cf84d43969de01c6
d94ca665c3f47e003e5e108f909f78b430292955dd29a56d8417542b1589f51c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/css/plugins.css HTTP/1.1
Host: dcshop.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/
Cookie: __ddg1_=LmlTUjeWd0NhfISTHlH1; PHPSESSID=677e7b137ce9b234039178d4e894fd1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 15 Apr 2024 11:03:14 GMT
content-type: text/css
last-modified: Tue, 20 Dec 2022 10:58:48 GMT
etag: W/"63a19568-9d70c"
content-encoding: gzip
age: 143164
ddg-cache-status: HIT,MISS
content-length: 118417
X-Firefox-Spdy: h2

dcshop.ma/frontend/img/ru.svg

185.178.208.141

207 B

URL
dcshop.ma/frontend/img/ru.svg
IP
185.178.208.141:0
ASN
#57724 Ddos-Guard Ltd

File type
SVG Scalable Vector Graphics image
Size
207 B (207 bytes)
Hash
e3ee3b099783ef393f2f4dabdc75d5bc
fbe8adc1f75d896354345414a75cf5f847967ee7
bb2782a916b1a28eb081895afa90f4ed5dca5df320b9cc95f867bc2a26e29064

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/img/ru.svg HTTP/1.1
Host: dcshop.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/
Cookie: __ddg1_=LmlTUjeWd0NhfISTHlH1; PHPSESSID=677e7b137ce9b234039178d4e894fd1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 15 Apr 2024 11:13:09 GMT
content-type: image/svg+xml
last-modified: Thu, 20 Jan 2022 17:33:52 GMT
etag: W/"61e99d00-122"
content-encoding: gzip
age: 142570
content-length: 207
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

dcshop.ma/frontend/js/scripts.js

185.178.208.141

54 kB

URL
dcshop.ma/frontend/js/scripts.js
IP
185.178.208.141:0
ASN
#57724 Ddos-Guard Ltd

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
54 kB (53538 bytes)
Hash
2c3b9bc9c1501adc7ea547d8584eb84d
9598b32c395b4e9eb527e878a1dec054e7d2ef66
ea7e1e6fdde7f920bbf0d6175026f2f704cd9f4fd2b7b7a3687cbe1d9ac15749

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/js/scripts.js HTTP/1.1
Host: dcshop.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/
Cookie: __ddg1_=LmlTUjeWd0NhfISTHlH1; PHPSESSID=677e7b137ce9b234039178d4e894fd1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 09 Apr 2024 09:20:24 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 20 Dec 2022 17:09:21 GMT
content-encoding: gzip
etag: "63a1ec41-3ac63"
age: 667734
content-length: 53538
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

dcshop.ma/frontend/img/united-states.svg

185.178.208.141

1.6 kB

URL
dcshop.ma/frontend/img/united-states.svg
IP
185.178.208.141:0
ASN
#57724 Ddos-Guard Ltd

File type
SVG Scalable Vector Graphics image
Size
1.6 kB (1581 bytes)
Hash
f4cc0b5eff95481b1c900a1da2486029
c020b5d82338eef02bc8b242e3b3929780190161
ad9c7e75dfbcf358d5850e3f6dac41bad25d6da8984eca3224175b1d62c38cbb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/img/united-states.svg HTTP/1.1
Host: dcshop.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/
Cookie: __ddg1_=LmlTUjeWd0NhfISTHlH1; PHPSESSID=677e7b137ce9b234039178d4e894fd1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 10 Apr 2024 18:55:24 GMT
content-type: image/svg+xml
last-modified: Wed, 28 Sep 2022 17:37:34 GMT
content-encoding: gzip
etag: "6334865e-3f9f"
age: 546835
content-length: 1581
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

dcshop.ma/frontend/css/style.css

185.178.208.141

174 kB

URL
dcshop.ma/frontend/css/style.css
IP
185.178.208.141:0
ASN
#57724 Ddos-Guard Ltd

File type
Unicode text, UTF-8 text, with very long lines (560), with CRLF line terminators
Size
174 kB (174017 bytes)
Hash
17251f46dbabd70df968abf9c7181999
425a34579c6d708c81dc8390ab5ed555ecb21dd7
f8c354914218445ecd1a818c3affd15b1d1fa508706c955541425257f976be6a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/css/style.css HTTP/1.1
Host: dcshop.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/
Cookie: __ddg1_=LmlTUjeWd0NhfISTHlH1; PHPSESSID=677e7b137ce9b234039178d4e894fd1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Wed, 10 Apr 2024 02:32:24 GMT
content-type: text/css
last-modified: Sat, 14 Jan 2023 21:44:09 GMT
content-encoding: gzip
etag: "63c32229-16c71e"
age: 605814
content-length: 174017
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

dcshop.ma/frontend/js/plugins.js

185.178.208.141

1.1 MB

URL
dcshop.ma/frontend/js/plugins.js
IP
185.178.208.141:0
ASN
#57724 Ddos-Guard Ltd

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
1.1 MB (1081291 bytes)
Hash
8e0861726db4f8117b260adfaba7d083
ba2ec4443a3206849c809ef8488a042f560d1e55
fb2112b2e399ba06f149f937c47de5cbb2da4191775dc4e1800570434972d064

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/js/plugins.js HTTP/1.1
Host: dcshop.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/
Cookie: __ddg1_=LmlTUjeWd0NhfISTHlH1; PHPSESSID=677e7b137ce9b234039178d4e894fd1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 15 Apr 2024 13:21:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 20 Dec 2022 09:55:11 GMT
content-encoding: gzip
content-length: 1081291
ddg-cache-status: HIT,HIT
etag: "63a1867f-39fd0c"
age: 134868
X-Firefox-Spdy: h2

dcshop.ma/frontend/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47

185.178.208.141

102 kB

URL
dcshop.ma/frontend/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
IP
185.178.208.141:0
ASN
#57724 Ddos-Guard Ltd

File type
Web Open Font Format (Version 2), TrueType, length 102536, version 1.0
Size
102 kB (102536 bytes)
Hash
1ed478a6b265d4b4f5c26bb063203588
1ca5e8c7d2fb8e9d60ad1a1feb2a46e98c248a3d
c874e14c63db86c4c5318c77cb557fce7036645edc7d690dcc1d23b389631b13

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47 HTTP/1.1
Host: dcshop.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/frontend/css/plugins.css
Cookie: __ddg1_=LmlTUjeWd0NhfISTHlH1; PHPSESSID=677e7b137ce9b234039178d4e894fd1d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 15 Apr 2024 19:17:07 GMT
content-type: font/woff2
content-length: 102536
last-modified: Tue, 08 Feb 2022 04:54:22 GMT
accept-ranges: bytes
ddg-cache-status: HIT,MISS
etag: "6201f77e-19088"
age: 113531
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

47 kB

URL
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dcshop.ma
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:14:19 GMT
expires: Wed, 16 Apr 2025 07:14:19 GMT
cache-control: public, max-age=31536000
age: 70499
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

47 kB

URL
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dcshop.ma
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:14:19 GMT
expires: Wed, 16 Apr 2025 07:14:19 GMT
cache-control: public, max-age=31536000
age: 70500
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

47 kB

URL
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dcshop.ma
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 07:14:19 GMT
expires: Wed, 16 Apr 2025 07:14:19 GMT
cache-control: public, max-age=31536000
age: 70500
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dcshop.ma/frontend/img/l5N.png

185.178.208.141

14 kB

URL
dcshop.ma/frontend/img/l5N.png
IP
185.178.208.141:0
ASN
#57724 Ddos-Guard Ltd

File type
PNG image data, 671 x 282, 8-bit/color RGBA, non-interlaced
Size
14 kB (14370 bytes)
Hash
cea033f680ff9687c71fe7142bfcb35d
92e570213856eea90e5c5f49bf1596da5531b898
db6bcdc1675fffb08bee667d69af0f178382674f5ae433436317d9a384a33fff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /frontend/img/l5N.png HTTP/1.1
Host: dcshop.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dcshop.ma/
Cookie: __ddg1_=LmlTUjeWd0NhfISTHlH1; PHPSESSID=677e7b137ce9b234039178d4e894fd1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Mon, 15 Apr 2024 19:48:39 GMT
content-type: image/png
content-length: 14370
last-modified: Thu, 20 Jan 2022 17:33:52 GMT
etag: "61e99d00-3822"
accept-ranges: bytes
age: 111640
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (12)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations