URL: http://2m.ma/ar
Submission Tags: @phishunt_io
Submission: On August 03 via api from DE — Scanned from DE

Summary

This website contacted 32 IPs in 7 countries across 23 domains to perform 133 HTTP transactions. The main IP is 104.20.13.136, located in and belongs to CLOUDFLARENET, US. The main domain is 2m.ma. The Cisco Umbrella rank of the primary domain is 708603.
This is the only time 2m.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
50 104.20.13.136 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:440... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.18.79.133 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:2800:234... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 142.250.186.162 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 2620:1ec:27::... 8075 (MICROSOFT...)
1 141.95.98.71 16276 (OVH)
1 99.86.4.90 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f00... 32934 (FACEBOOK)
1 99.86.4.6 16509 (AMAZON-02)
1 1 2600:1f16:bc:... 16509 (AMAZON-02)
1 2600:9000:207... 16509 (AMAZON-02)
1 2 20.234.93.27 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 104.244.42.72 13414 (TWITTER)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 20.84.22.197 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
133 32
Apex Domain
Subdomains
Transfer
50 2m.ma
2m.ma — Cisco Umbrella Rank: 708603
835 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 126
740bb56547582d625a4a5b83ba8bcbf6.safeframe.googlesyndication.com Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 164
147 KB
8 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 131
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 226
144 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 588
c.clarity.ms — Cisco Umbrella Rank: 1116
f.clarity.ms — Cisco Umbrella Rank: 5554
26 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 61
region1.google-analytics.com — Cisco Umbrella Rank: 2533
40 KB
4 gstatic.com
fonts.gstatic.com
38 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 15
adservice.google.com — Cisco Umbrella Rank: 104
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 100
213 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 726
syndication.twitter.com — Cisco Umbrella Rank: 992
133 KB
3 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3260
onesignal.com — Cisco Umbrella Rank: 1146
73 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
297 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 160
87 KB
2 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 9033
certify.alexametrics.com — Cisco Umbrella Rank: 4953
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 4674
adservice.google.de — Cisco Umbrella Rank: 6709
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 196
72 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
imasdk.googleapis.com — Cisco Umbrella Rank: 430
126 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
556 B
1 cloudfront.net
b0db77346f8da5bae0c41a8a21ee1914f.profile.hyd50-c1.cloudfront.net
58 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
238 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 576
611 B
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 9047
32 KB
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 347
32 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1312
5 KB
133 23
Domain Requested by
50 2m.ma 2m.ma
static.cloudflareinsights.com
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
2m.ma
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.google-analytics.com 2m.ma
www.google-analytics.com
3 f.clarity.ms www.clarity.ms
3 region1.google-analytics.com www.googletagmanager.com
3 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.googletagmanager.com 2m.ma
www.googletagmanager.com
2 www.facebook.com connect.facebook.net
2 c.clarity.ms 1 redirects
2 connect.facebook.net connect.facebook.net
2 www.clarity.ms 2m.ma
www.clarity.ms
2 www.googletagservices.com 2m.ma
securepubads.g.doubleclick.net
2 platform.twitter.com 2m.ma
platform.twitter.com
2 cdn.onesignal.com 2m.ma
cdn.onesignal.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 syndication.twitter.com platform.twitter.com
1 onesignal.com cdn.onesignal.com
1 c.bing.com 1 redirects
1 b0db77346f8da5bae0c41a8a21ee1914f.profile.hyd50-c1.cloudfront.net
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com 1 redirects
1 certify.alexametrics.com
1 certify-js.alexametrics.com 2m.ma
1 id5-sync.com ced.sascdn.com
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 imasdk.googleapis.com 2m.ma
1 ced.sascdn.com 2m.ma
1 cdn.ampproject.org 2m.ma
1 static.cloudflareinsights.com 2m.ma
1 fonts.googleapis.com 2m.ma
0 740bb56547582d625a4a5b83ba8bcbf6.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
133 35

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-05-11 -
2023-05-10
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.sascdn.com
DigiCert SHA2 Secure Server CA
2021-09-13 -
2022-09-13
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-20 -
2022-10-19
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
www.google.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
www.google.de
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-02-27 -
2023-02-27
a year crt.sh
*.id5-sync.com
R3
2022-05-31 -
2022-08-29
3 months crt.sh
certify-js.alexametrics.com
Amazon
2022-05-30 -
2023-06-27
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
certify.alexametrics.com
Amazon
2022-05-30 -
2023-06-28
a year crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-05-12 -
2022-08-10
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02
2022-06-07 -
2023-06-02
a year crt.sh
*.google.de
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-07-11 -
2022-10-03
3 months crt.sh

This page contains 5 frames:

Primary Page: http://2m.ma/ar
Frame ID: F860EADA6C3EAE11D65B9D4C4D3906DA
Requests: 116 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=http%3A%2F%2F2m.ma
Frame ID: 920836B57CC2D95BCACAFC402B2D2E9A
Requests: 2 HTTP requests in this frame

Frame: https://740bb56547582d625a4a5b83ba8bcbf6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CB2B82871484ECB9F8B4ADBE7F90CD46
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F5FE271F422F662BB1C95516A52EF997
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C942B9EF76D3077C0E9BE4660A1C6EE6
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

133
Requests

56 %
HTTPS

73 %
IPv6

23
Domains

35
Subdomains

32
IPs

7
Countries

2010 kB
Transfer

6161 kB
Size

16
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • http://www.google-analytics.com/analytics.js HTTP 307
  • https://www.google-analytics.com/analytics.js
Request Chain 51
  • http://connect.facebook.net/en_US/sdk.js HTTP 307
  • https://connect.facebook.net/en_US/sdk.js
Request Chain 103
  • http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png HTTP 302
  • http://b0db77346f8da5bae0c41a8a21ee1914f.profile.hyd50-c1.cloudfront.net/test.png
Request Chain 105
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?CtsSyncId=610115A39B9A40BFBDCA932B58EF9D2B&RedC=c.clarity.ms&MXFR=38A114D6EFB86A652C750523EBB8645C HTTP 302
  • https://c.clarity.ms/c.gif?CtsSyncId=610115A39B9A40BFBDCA932B58EF9D2B&MUID=00D4AD84DC9D6F390D7CBC71DDF66E77
Request Chain 114
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=929987378&t=event&ni=1&_s=2&dl=http%3A%2F%2F2m.ma%2Far&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1qzo7rf&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=628055240.1659511490&tid=UA-16439051-2&_gid=191020307.1659511490&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F9aa85s764a%2F122m64g%2F1qzo7rf&z=2021851597 HTTP 307
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=929987378&t=event&ni=1&_s=2&dl=http%3A%2F%2F2m.ma%2Far&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1qzo7rf&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=628055240.1659511490&tid=UA-16439051-2&_gid=191020307.1659511490&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F9aa85s764a%2F122m64g%2F1qzo7rf&z=2021851597

133 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request ar
2m.ma/
334 KB
54 KB
Document
General
Full URL
http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3fb9bbd6d2f847fdca40675c3e1e3276fdee5c4f1cca6b2306009adada1f504

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
734d50dbfd886949-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 03 Aug 2022 07:24:50 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
vSC4oVFecTkvtww2xzzNkkv_C9Q.js
2m.ma/cdn-cgi/apps/head/
6 KB
3 KB
Script
General
Full URL
http://2m.ma/cdn-cgi/apps/head/vSC4oVFecTkvtww2xzzNkkv_C9Q.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
569f0615d7b0e6cb50dcf3ea74ce5eaddd77fa8de79d5953db9738b36806f4df

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
13759943
CF-RAY
734d50dd3bda995c-FRA
Connection
keep-alive
Content-Length
2027
x-amz-id-2
pIpzAHXjzaiT2qYVBoohuEAKk34RuznmvpDJ4hPqJtZlsnzI4K33UoclRuLkgvbkEs2QGDnVMN4=
Last-Modified
Mon, 24 Jul 2017 18:55:15 GMT
Server
cloudflare
ETag
"c0c26b2684deb69268c2bfdfc6f204af"
Vary
Accept-Encoding
x-amz-request-id
S7SAH4ZZT8QQT24C
Cache-Control
public, max-age=31536000
x-amz-version-id
4HHJdEJ.JxixMocvJZ1cXxy6vjd4PQrN
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a92ea12d9a962a7dabc765f17bb662a6911774ed46c67fc7cc8d1de081e66fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 07:24:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 03 Aug 2022 07:24:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Aug 2022 07:24:50 GMT
ec1165f.js
2m.ma/_nuxt/
3 KB
2 KB
Script
General
Full URL
http://2m.ma/_nuxt/ec1165f.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6690a774ec527ff68616d91338a7a87c55a4aedceecbdd072e07b59dc9068569

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 25 May 2022 15:05:50 GMT
Server
cloudflare
Age
6020315
ETag
W/"ce8-180fbc0aeba"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50dd39b59231-FRA
874dac9.js
2m.ma/_nuxt/
241 KB
83 KB
Script
General
Full URL
http://2m.ma/_nuxt/874dac9.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
590244eb05753e9d7bec9f818b65900a6e32b8723af4dca2f28e1ea9a5a449a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Jun 2022 13:56:20 GMT
Server
cloudflare
Age
3537528
ETag
W/"3c593-1811f8d8fdf"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50dd381ebba7-FRA
eac9859.js
2m.ma/_nuxt/
1 MB
315 KB
Script
General
Full URL
http://2m.ma/_nuxt/eac9859.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5be156f9cde38883afd665485913b489b111b2d41029fa6dcba35779564e8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 24 May 2022 16:47:20 GMT
Server
cloudflare
Age
6100561
ETag
W/"126d5c-180f6f73fa5"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50dd3b67bbd1-FRA
940e111.js
2m.ma/_nuxt/
598 KB
131 KB
Script
General
Full URL
http://2m.ma/_nuxt/940e111.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d51f6bfc2c1d38c373d5ac07ae03439244c9cbc30a7e891a70af946df59a59e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Jun 2022 13:56:20 GMT
Server
cloudflare
Age
5419682
ETag
W/"95808-1811f8d8fdf"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50dd3b0c68ef-FRA
ec16554.js
2m.ma/_nuxt/
69 KB
17 KB
Script
General
Full URL
http://2m.ma/_nuxt/ec16554.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45797994ca30e45d9f45dd8570b5713fdd22026b045b40128668bd973e0861e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 24 May 2022 16:47:20 GMT
Server
cloudflare
Age
6100555
ETag
W/"11418-180f6f73f99"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50dd69da9231-FRA
fce3449.js
2m.ma/_nuxt/
100 KB
33 KB
Script
General
Full URL
http://2m.ma/_nuxt/fce3449.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b42c44edc5205c62d2da94f0a96f7eecda84d398b53b0b591e897faac6d6da

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 24 May 2022 16:47:20 GMT
Server
cloudflare
Age
6100614
ETag
W/"19069-180f6f73f8d"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50dd6c25995c-FRA
5323976.js
2m.ma/_nuxt/
29 KB
7 KB
Script
General
Full URL
http://2m.ma/_nuxt/5323976.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cda9d03d33bbac9d4dd9d2c3d826f89f4ed2e9961e4eb7d66b02c14eb49662c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Jun 2022 13:56:20 GMT
Server
cloudflare
Age
3540001
ETag
W/"7479-1811f8d8fdf"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50dd787abba7-FRA
rocket-loader.min.js
2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 29 Jul 2022 16:49:44 GMT
Server
cloudflare
ETag
W/"62e40fa8-302c"
X-Frame-Options
DENY
Content-Type
application/javascript
Cache-Control
max-age=172800, public
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50de584b6949-FRA
Vary
Accept-Encoding
Expires
Fri, 05 Aug 2022 07:24:50 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/
14 KB
5 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
http://2m.ma/
Origin
http://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:50 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
734d50de9ff19156-FRA
analytics.js
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/analytics.js
  • https://www.google-analytics.com/analytics.js
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
H2
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1370
date
Wed, 03 Aug 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 03 Aug 2022 09:02:00 GMT

Redirect headers

Location
https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
ampAnalytic.js
2m.ma/js/
213 B
594 B
Script
General
Full URL
http://2m.ma/js/ampAnalytic.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffdfc591d8628204b0fdbf242ea0a460fb9de5d7201b700e2d5a026759dbd63d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Tue, 08 Mar 2022 16:45:18 GMT
Server
cloudflare
ETag
W/"d5-17f6a6bb690"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50de786e6949-FRA
amp-analytics-0.1.js
cdn.ampproject.org/v0/
109 KB
32 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6480ae594ba586637bd0785ff4ea29dbd1c429e7f17d178293da414de7e64b98
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31976
x-xss-protection
0
server
sffe
date
Wed, 03 Aug 2022 07:24:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d58685e75d10bc01"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 03 Aug 2022 07:24:50 GMT
AlexaCertify.js
2m.ma/js/
351 B
660 B
Script
General
Full URL
http://2m.ma/js/AlexaCertify.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28408c328d2ca123c9deeafcb35c7347162f701cb3390138f14dec1d45aae1fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Thu, 10 Mar 2022 16:59:13 GMT
Server
cloudflare
ETag
W/"15f-17f74c52dd3"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50de79c8bba7-FRA
smartadsettings.js
2m.ma/js/
323 B
621 B
Script
General
Full URL
http://2m.ma/js/smartadsettings.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6623f704ce7f401c4e0661a2a65ecd586845f75d2c8e0d221ce4d22bdb573ad5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Fri, 11 Feb 2022 20:35:09 GMT
Server
cloudflare
ETag
W/"143-17eea7f2b4f"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50de7cfebbd1-FRA
smart.js
ced.sascdn.com/tag/3810/
93 KB
32 KB
Script
General
Full URL
https://ced.sascdn.com/tag/3810/smart.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.133 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-133.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69d23b0cb5f1756d251e0656590879b0bd9d1ec54a00df9035c572b931ada918

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=900
Connection
keep-alive
Content-Length
32037
Expires
Wed, 03 Aug 2022 07:39:50 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
373 KB
125 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127179
x-xss-protection
0
expires
Wed, 03 Aug 2022 07:24:50 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
734d50dead7abb97-FRA
date
Wed, 03 Aug 2022 07:24:50 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
3264
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 06 Aug 2022 07:24:50 GMT
widgets.js
2m.ma/js/
96 KB
29 KB
Script
General
Full URL
http://2m.ma/js/widgets.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Thu, 27 Jan 2022 09:11:44 GMT
Server
cloudflare
ETag
W/"181b8-17e9ace1488"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50de7c7468ef-FRA
analytics.js
2m.ma/js/
452 B
718 B
Script
General
Full URL
http://2m.ma/js/analytics.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ec4d46a42112e855a36f2f59b40897451ad769a6ae92385f1dacf467dfc9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Thu, 27 Jan 2022 10:39:28 GMT
Server
cloudflare
ETag
W/"1c4-17e9b1e68ea"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50de7d55995c-FRA
clarity.js
2m.ma/js/
335 B
652 B
Script
General
Full URL
http://2m.ma/js/clarity.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa38979b260b8046863afde7f5ed8c57cb43513b46129c1c33464d34ea6085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Fri, 12 Nov 2021 14:06:30 GMT
Server
cloudflare
ETag
W/"14f-17d1478a270"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50de7b1f9231-FRA
gtag.js
2m.ma/js/
175 B
561 B
Script
General
Full URL
http://2m.ma/js/gtag.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a4f2a0204fba9482eff0593850b915f6dd2244eb824477be07e4ae085eb1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Fri, 12 Nov 2021 14:48:42 GMT
Server
cloudflare
ETag
W/"af-17d149f4510"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50defa6bbba7-FRA
widgets.js
platform.twitter.com/
96 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/675D) /
Resource Hash
ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
Age
48
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Content-Length
29212
x-tw-cdn
VZ
Last-Modified
Tue, 19 Jul 2022 20:07:06 GMT
Server
ECS (frb/675D)
Etag
"3b16e031477759af620cd0de990c6783+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
js
www.googletagmanager.com/gtag/
198 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
689da25c68fd5ff7846bae7fb2e7818bb6e3d3ecc9a1d36b03e04e8044c4e782
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72555
x-xss-protection
0
expires
Wed, 03 Aug 2022 07:24:50 GMT
ads.js
2m.ma/js/
4 KB
1 KB
Script
General
Full URL
http://2m.ma/js/ads.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
754fd98d3054bdb1ab20e0c5056e125b2ddc0f14992c2e8fbb12b5a0cd212d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
CF-Cache-Status
EXPIRED
Last-Modified
Fri, 28 Jan 2022 16:31:28 GMT
Server
cloudflare
ETag
W/"f00-17ea187095e"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50defdafbbd1-FRA
collect
www.google-analytics.com/j/
4 B
201 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=929987378&t=pageview&_s=1&dl=http%3A%2F%2F2m.ma%2Far&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1580373965&gjid=1307001417&cid=628055240.1659511490&tid=UA-16439051-2&_gid=191020307.1659511490&_r=1&_slc=1&z=244722955
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 07:24:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
83 KB
29 KB
Script
General
Full URL
http://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: 2m.ma
URL: http://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2ab92ccf8fd412f9942d0e0975f688cedc6ddfd22d0dfa91a6abc11624ff8eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:50 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
sffe
ETag
"1292 / 905 of 1000 / last-modified: 1659477923"
Vary
Accept-Encoding
Report-To
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
Content-Type
text/javascript
Cache-Control
private, max-age=900, stale-while-revalidate=3600
Cross-Origin-Resource-Policy
cross-origin
Timing-Allow-Origin
*
Content-Length
28687
X-XSS-Protection
0
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="ads-gpt-scs"
Expires
Wed, 03 Aug 2022 07:24:50 GMT
collect
stats.g.doubleclick.net/j/
4 B
434 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-16439051-2&cid=628055240.1659511490&jid=1580373965&gjid=1307001417&_gid=191020307.1659511490&_u=IEBAAEAAAAAAAC~&z=2076820943
Requested by
Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 03 Aug 2022 07:24:50 GMT
content-type
text/plain
access-control-allow-origin
http://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16439051-2&cid=628055240.1659511490&jid=1580373965&_u=IEBAAEAAAAAAAC~&z=1819763636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 07:24:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-16439051-2&cid=628055240.1659511490&jid=1580373965&_u=IEBAAEAAAAAAAC~&z=1819763636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 07:24:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022072702.js
securepubads.g.doubleclick.net/gpt/
379 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
d2552b5a5b1d8d9b480866377443816318a135709b83b2e4009219d6dd082fcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 02 Aug 2022 20:51:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
37972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132574
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 20:59:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 02 Aug 2023 20:51:58 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
74 B
708 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=2m.ma
Requested by
Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
9efa7519fa43bce81efcb0f8546be490d37b3c6a3ec0075a043eef7e6c174c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 07:24:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72
x-xss-protection
0
expires
Wed, 03 Aug 2022 07:24:50 GMT
collect
region1.google-analytics.com/g/
0
330 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G6GJSC0FFM&gtm=2oe811&_p=929987378&_z=ccd.v9B&cid=628055240.1659511490&ul=en-us&sr=1600x1200&_s=1&sid=1659511490&sct=1&seg=0&dl=http%3A%2F%2F2m.ma%2Far&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 07:24:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9aa85s764a
www.clarity.ms/tag/
2 KB
2 KB
Script
General
Full URL
https://www.clarity.ms/tag/9aa85s764a
Requested by
Host: 2m.ma
URL: http://2m.ma/js/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1425 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
687548f29975be7facf99d7aeb61312d8b9844992f2b28cff647f3ed85d3771c

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:50 GMT
x-powered-by
ASP.NET
x-azure-ref
0wiLqYgAAAACu5zHqvP6FRbfc0kAgsHSfTUlMMzBFREdFMDYwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
expires
-1
cache-control
no-cache, no-store
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 2m.ma
URL: http://2m.ma/js/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1370
date
Wed, 03 Aug 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 03 Aug 2022 09:02:00 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
734d50e2484a9a39-FRA
date
Wed, 03 Aug 2022 07:24:50 GMT
via
1.1 google
cf-cache-status
HIT
server
cloudflare
age
3264
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sat, 06 Aug 2022 07:24:50 GMT
102.json
id5-sync.com/g/v2/
213 B
611 B
XHR
General
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3810/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.71 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216577.ip-141-95-98.eu
Software
/
Resource Hash
ca97e1686c3f874301196bb1c8f4884531dd38a5d11615d566186b5dc86aef4b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
http://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
http://2m.ma
date
Wed, 03 Aug 2022 07:24:50 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
atrk.js
certify-js.alexametrics.com/
4 KB
2 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: 2m.ma
URL: http://2m.ma/js/AlexaCertify.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-90.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 06 Jun 2022 06:04:40 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
Age
5016011
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
Cache-Control
max-age=26920000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA6-C1
X-Amz-Cf-Id
gbs5IQh69irQessPZdsvAkQ5CeeTG_3ey8D4bTIilXn4Lo6jDgLuzw==
js
www.googletagmanager.com/gtag/
198 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JXCE5J40DP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95eae15d7baf329b83317e474e831c0e25c4955d0891587cc504d712b5fd2d0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72573
x-xss-protection
0
expires
Wed, 03 Aug 2022 07:24:51 GMT
js
www.googletagmanager.com/gtag/
198 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JXCE5J40DP&l=dataLayer
Requested by
Host: 2m.ma
URL: http://2m.ma/_nuxt/eac9859.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d086443d95d33389d50664587fdfc152b8c5c3aff3c2e46223b212491d4776df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:51 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72531
x-xss-protection
0
expires
Wed, 03 Aug 2022 07:24:51 GMT
Iura6YBj_oCad4k1nzGBCw.woff2
fonts.gstatic.com/s/tajawal/v9/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 28 Jul 2022 03:39:19 GMT
x-content-type-options
nosniff
age
531932
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10256
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jul 2023 03:39:19 GMT
get-iframe
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/get-iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3ca549b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
getSliderSection
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getSliderSection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3ca559b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
getHotTopics
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getHotTopics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3ca569b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
articlesrecent
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/articlesrecent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3ca579b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
b036ba8.js
2m.ma/_nuxt/
81 KB
24 KB
Script
General
Full URL
http://2m.ma/_nuxt/b036ba8.js
Requested by
Host: 2m.ma
URL: http://2m.ma/_nuxt/ec1165f.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2375b57c1cb259fd0b19cee2063a62722c4b33e3e8e34f9bc167ace4cc2b732f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Jun 2022 13:56:20 GMT
Server
cloudflare
Age
1098248
ETag
W/"144ee-1811f8d8ff3"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50e2df8fbba7-FRA
Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 21:20:28 GMT
x-content-type-options
nosniff
age
554663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9996
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 21:20:28 GMT
fa-solid-900.1551f4f.woff2
2m.ma/_nuxt/fonts/
76 KB
77 KB
Font
General
Full URL
http://2m.ma/_nuxt/fonts/fa-solid-900.1551f4f.woff2
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
http://2m.ma/ar
Origin
http://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Jun 2022 13:56:20 GMT
Server
cloudflare
Age
2498122
ETag
W/"131bc-1811f8d8fb7"
Vary
Accept-Encoding
Content-Type
font/woff2
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
734d50e35823bba7-FRA
Content-Length
78268
Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v9/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
328cc866bbd43a73f3742f59aca4df9e04bf14354d8847461f6641279326de63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 21:20:40 GMT
x-content-type-options
nosniff
age
554651
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8712
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 21:20:40 GMT
Iura6YBj_oCad4k1nzSBC45I.woff2
fonts.gstatic.com/s/tajawal/v9/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 27 Jul 2022 19:44:50 GMT
x-content-type-options
nosniff
age
560401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8724
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Jul 2023 19:44:50 GMT
sdk.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/sdk.js
  • https://connect.facebook.net/en_US/sdk.js
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a7a63627b417398685d3500b562ffe8b8c1af06304ee1c5d7a6317c6ef5f1358
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
ze1zFr0F3Tvm6dQLw/C5xQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
ys6Djnr1/gPfC+uu2oSX8BLNt1xtu8aApD6A9Yjd5WNU8BlgdVYTu/nVsFgg6eiXioMoXWSjdS4WBTbbZdyJbQ==
x-fb-trip-id
2050670934
x-fb-content-md5
6c86243ec14fbcc3fe8c7128472f45a2
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 03 Aug 2022 07:24:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b2215fb0552144382b11a063a728382e"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 03 Aug 2022 07:32:17 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/sdk.js
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
calender.b9f2460.svg
2m.ma/_nuxt/img/
2 KB
918 B
Image
General
Full URL
http://2m.ma/_nuxt/img/calender.b9f2460.svg
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a861b8d6ba109b0595502cd595b1b7e7ab6cc78ac7f7777414b1201618cea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Jun 2022 13:56:20 GMT
Server
cloudflare
Age
3534304
ETag
W/"607-1811f8d8fab"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50e38c2dbbd1-FRA
truncated
/
871 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba257ab6608042d4589dfce1ff28a7a2f76f40696736bc7feb44a886506dc2e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
691 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c0cb57b800559bcf53c0118f1e36e00ffacec365ee6e61331377e20206609b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
close.0ebedbe.svg
2m.ma/_nuxt/img/
57 KB
9 KB
Image
General
Full URL
http://2m.ma/_nuxt/img/close.0ebedbe.svg
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a60a65a52594c2ee976d3373d07164a273e38e177d2b31083205bf16ceab7473

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 04 Mar 2022 21:51:34 GMT
Server
cloudflare
Age
13080676
ETag
W/"e2fa-17f56eaac01"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50e38a8568ef-FRA
truncated
/
865 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca078a47ab231ffad9ce0ce64a650d66065ca7863954ea32bbdf8115e94d04a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
558 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dffe7d16ad8a596271f7e615fb9790fb5657db671c445edf775601e87690edef

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
460 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
138364753b8d31982576a0a268036891460813f57097fe4dc87272d9d8ef83d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
610 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19297d0d24ad777c2059c8aa8f247d2623ed4416bebc5d283bcc6c7f579e1dbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0140437ec6cb29bc6ac6f8505f05f11603a430298e48c1ea483f7de390ba34a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
get-iframe
2m.ma/api/
0
0

getSliderSection
2m.ma/api/
0
0

getHotTopics
2m.ma/api/
0
0

articlesrecent
2m.ma/api/
0
0

getDossierSpecial
2m.ma/api/
0
0

getListEmissions
2m.ma/api/
0
0

getListJT
2m.ma/api/
0
0

getSectionUne
2m.ma/api/
0
0

mostViewed
2m.ma/api/
0
0

getmastertags
2m.ma/api/
0
0

0
2m.ma/api/articlesrecent-paginated/
0
0

getLiveSection
2m.ma/api/
0
0

getmastertags
2m.ma/api/
0
0

getBreakingNews
2m.ma/api/
0
0

getDossierSpecial
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getDossierSpecial
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3ca599b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
getListEmissions
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getListEmissions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3ca5a9b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
getListJT
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getListJT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3da7b9b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
getSectionUne
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getSectionUne
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3da7c9b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
mostViewed
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/mostViewed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3ca5c9b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
getmastertags
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getmastertags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3da729b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
1
2m.ma/mm-weather/get-forecast/
0
0

list
2m.ma/api/grille/
0
0

horaire-api.php
2m.ma/prieres/
0
0

0
2m.ma/api/articlesrecent-paginated/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/articlesrecent-paginated/0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3ca5b9b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
getLiveSection
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getLiveSection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3da749b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
getmastertags
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getmastertags
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3da769b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html
platform.twitter.com/widgets/ Frame 9208
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=http%3A%2F%2F2m.ma
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6794) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
http://2m.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
470455
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 03 Aug 2022 07:24:51 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 19 Jul 2022 20:05:03 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/6794)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
getBreakingNews
2m.ma/api/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/getBreakingNews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3da759b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
1
2m.ma/mm-weather/get-forecast/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/mm-weather/get-forecast/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
*/*
Access-Control-Request-Headers
locale,referrer-policy,x-requested-with
Access-Control-Request-Method
POST
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3da779b3d-FRA
content-encoding
gzip
content-language
fr
content-type
text/html; charset=utf-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sun, 19 Nov 1978 05:00:00 GMT
link
<//www.marocmeteo.ma/fr>; rel="canonical",<//www.marocmeteo.ma/fr>; rel="shortlink"
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-generator
Drupal 7 (https://www.drupal.org)
list
2m.ma/api/grille/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/api/grille/list
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

allow
GET
cache-control
private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
734d50e3da789b3d-FRA
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
-1
pragma
no-cache
server
cloudflare
horaire-api.php
2m.ma/prieres/ Frame
0
0
Preflight
General
Full URL
https://2m.ma/prieres/horaire-api.php?ville=58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
locale
Access-Control-Request-Method
GET
Origin
http://2m.ma
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
734d50e3da7a9b3d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 03 Aug 2022 07:24:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
fa-regular-400.7a33376.woff2
2m.ma/_nuxt/fonts/
13 KB
13 KB
Font
General
Full URL
http://2m.ma/_nuxt/fonts/fa-regular-400.7a33376.woff2
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer
http://2m.ma/ar
Origin
http://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Jun 2022 13:56:20 GMT
Server
cloudflare
Age
2498120
ETag
W/"33a8-1811f8d8fb7"
Vary
Accept-Encoding
Content-Type
font/woff2
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
734d50e39868bba7-FRA
Content-Length
13224
2m.86cf83a.png
2m.ma/_nuxt/img/
5 KB
5 KB
Image
General
Full URL
http://2m.ma/_nuxt/img/2m.86cf83a.png
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9df1486c30794a66038424122c0610a2c0af663fc839fc72caff730a7742d23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 27 Jan 2022 14:21:13 GMT
Server
cloudflare
Age
16216738
ETag
W/"1435-17e9be96e10"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
734d50e3bab768ef-FRA
Content-Length
5173
shape.5ab0126.png
2m.ma/_nuxt/img/
4 KB
4 KB
Image
General
Full URL
http://2m.ma/_nuxt/img/shape.5ab0126.png
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
987be6f0e092cb97f4e2218d5035a0f05bf4e25db73992e236ca4b449ee22758

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 27 Jan 2022 14:21:13 GMT
Server
cloudflare
Age
16216366
ETag
W/"106f-17e9be96e10"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
734d50e3bc70bbd1-FRA
Content-Length
4207
ma.6cbddc5.png
2m.ma/_nuxt/img/
4 KB
5 KB
Image
General
Full URL
http://2m.ma/_nuxt/img/ma.6cbddc5.png
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52a2de38a98b958dd6355e62686e814f62bfbab13fb3f9322cae3e6dc734890d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 27 Jan 2022 14:21:13 GMT
Server
cloudflare
Age
16217484
ETag
W/"10f9-17e9be96e10"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
734d50e3b88a9231-FRA
Content-Length
4345
logo.d4ee7e1.png
2m.ma/_nuxt/img/
5 KB
5 KB
Image
General
Full URL
http://2m.ma/_nuxt/img/logo.d4ee7e1.png
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67077d8268ccafcca51f8470505bc37be21930b793b147c1ccb67a1e915818a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
CF-Cache-Status
HIT
Last-Modified
Thu, 27 Jan 2022 13:20:51 GMT
Server
cloudflare
Age
16220754
ETag
W/"12aa-17e9bb227d3"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
734d50e3bc02995c-FRA
Content-Length
4778
AlFajr.ae83aab.svg
2m.ma/_nuxt/img/
2 KB
1001 B
Image
General
Full URL
http://2m.ma/_nuxt/img/AlFajr.ae83aab.svg
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
201d4e3abf8746820d279061cb6d27c41549e62bea3bdd5d8c97f4030d6e1b42

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 04 Mar 2022 21:51:34 GMT
Server
cloudflare
Age
13080674
ETag
W/"963-17f56eaac09"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50e3be986949-FRA
Dohour.005700e.svg
2m.ma/_nuxt/img/
2 KB
981 B
Image
General
Full URL
http://2m.ma/_nuxt/img/Dohour.005700e.svg
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c2fe21a0cdfa248b8ea2419e50c1214c7addd6a91a1ff884011becb1cf9447

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Jun 2022 13:56:20 GMT
Server
cloudflare
Age
552214
ETag
W/"92c-1811f8d8fb3"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50e3c89cbba7-FRA
Achaa.f3a14b0.svg
2m.ma/_nuxt/img/
2 KB
1021 B
Image
General
Full URL
http://2m.ma/_nuxt/img/Achaa.f3a14b0.svg
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509667b7aa70dd067288fa173cb8b6623dac009fb394c7b28e4c0b61a0cd981d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 04 Mar 2022 21:51:34 GMT
Server
cloudflare
Age
13080674
ETag
W/"996-17f56eaac09"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50e3dc30995c-FRA
Asr.2210455.svg
2m.ma/_nuxt/img/
2 KB
998 B
Image
General
Full URL
http://2m.ma/_nuxt/img/Asr.2210455.svg
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e61d99c36f2231c90f3b761fb13497d5ffd46965f61befcb0928293ece44a881

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Fri, 04 Mar 2022 21:51:34 GMT
Server
cloudflare
Age
13080553
ETag
W/"954-17f56eaac09"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50e3d8b89231-FRA
rum
2m.ma/cdn-cgi/
0
467 B
XHR
General
Full URL
http://2m.ma/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://2m.ma/ar
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
content-type
application/json

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cloudflare
X-Frame-Options
DENY
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
http://2m.ma
access-control-max-age
86400
Transfer-Encoding
chunked
Connection
keep-alive
access-control-allow-credentials
true
CF-RAY
734d50e3f8ebbba7-FRA
vary
Origin
atrk.gif
certify.alexametrics.com/
43 B
550 B
Image
General
Full URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&time=1659511491217&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=http%3A%2F%2F2m.ma%2Far&random_number=13047873649&sess_cookie=4921f8ba1826297ca9186088928&sess_cookie_flag=1&user_cookie=4921f8ba1826297ca9186088928&user_cookie_flag=1&dynamic=true&domain=2m.ma&account=EoMPn1QolK10mh&jsv=20130128&user_lang=en-US
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-6.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 05:05:52 GMT
Via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
Last-Modified
Mon, 17 Jan 2011 20:41:40 GMT
Server
AmazonS3
Age
8340
ETag
"221d8352905f2c38b3cb2bd191d630b0"
X-Cache
Hit from cloudfront
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Pop
FRA6-C1
x-amz-meta-alexa-last-modified
20110117123941
Content-Length
43
X-Amz-Cf-Id
P7xgyJGnFMTvsG3wnnCrZhuf1sUFnXKiu2R44LB79xbaYTvH2r6obA==
test.png
b0db77346f8da5bae0c41a8a21ee1914f.profile.hyd50-c1.cloudfront.net/
Redirect Chain
  • http://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
  • http://b0db77346f8da5bae0c41a8a21ee1914f.profile.hyd50-c1.cloudfront.net/test.png
58 B
58 B
Image
General
Full URL
http://b0db77346f8da5bae0c41a8a21ee1914f.profile.hyd50-c1.cloudfront.net/test.png
Protocol
HTTP/1.1
Server
2600:9000:2078:b200:: , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Via
1.1 a8bfe9092ad5623dd7d816de23b5bf40.cloudfront.net (CloudFront)
Server
CloudFront
X-Cache
RoutingProfileExp from cloudfront
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Connection
keep-alive
Content-Length
58
X-Amz-Cf-Id
9wCSacAhPmRxic3n6kDxAGPzTSSqKb48RswLz0klm89VY8Wj-F7DpA==
Expires
Wed, 03 Aug 2022 07:24:51 GMT

Redirect headers

Access-Control-Allow-Origin
*
Date
Wed, 03 Aug 2022 07:24:51 GMT
Server
Server
Connection
keep-alive
Content-Length
0
Location
http://b0db77346f8da5bae0c41a8a21ee1914f.profile.hyd50-c1.cloudfront.net/test.png
clarity.js
www.clarity.ms/eus-b/s/0.6.36/
52 KB
23 KB
Script
General
Full URL
https://www.clarity.ms/eus-b/s/0.6.36/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9aa85s764a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:27::cafe:1425 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:51 GMT
content-encoding
br
etag
"1d8a0e15023e426"
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
x-azure-ref
0wyLqYgAAAAAQV3SUR62zTbrNQOr8uSI7TUlMMzBFREdFMDYwOQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges
bytes
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?CtsSyncId=610115A39B9A40BFBDCA932B58EF9D2B&RedC=c.clarity.ms&MXFR=38A114D6EFB86A652C750523EBB8645C
  • https://c.clarity.ms/c.gif?CtsSyncId=610115A39B9A40BFBDCA932B58EF9D2B&MUID=00D4AD84DC9D6F390D7CBC71DDF66E77
42 B
393 B
Image
General
Full URL
https://c.clarity.ms/c.gif?CtsSyncId=610115A39B9A40BFBDCA932B58EF9D2B&MUID=00D4AD84DC9D6F390D7CBC71DDF66E77
Protocol
H2
Server
20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 07:24:51 GMT
last-modified
Thu, 28 Jul 2022 20:41:52 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"82531c78c2a2d81:0"
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 03 Aug 2022 07:24:51 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4E16E97B1F1E4207BE5468F4AFAC18C4 Ref B: FRAEDGE1520 Ref C: 2022-08-03T07:24:51Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?CtsSyncId=610115A39B9A40BFBDCA932B58EF9D2B&MUID=00D4AD84DC9D6F390D7CBC71DDF66E77
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
web
onesignal.com/api/v1/sync/7893e102-f366-416c-86b4-9f7cfbf011bf/
4 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/7893e102-f366-416c-86b4-9f7cfbf011bf/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc8630caf01d6ff6ef7a2dcb59e46497493e6b880daae8b571cffb056cdcae4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:51 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
age
871
cf-polished
origSize=3960
status
200 OK
x-envoy-upstream-service-time
55
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
ee4b6430-c68f-4f96-9021-7cfd67c17ab1
x-runtime
0.054074
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"e26bf5746a31304358a4b7a81ffcbc27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
734d50e42f95bb97-FRA
access-control-allow-headers
SDK-Version
expires
Wed, 03 Aug 2022 08:24:51 GMT
settings
syndication.twitter.com/ Frame 9208
513 B
522 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=4b756945decb82e2bee06076c7df2b8062b0547e
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.dc05643fdb8d0e2b89e5cc3c1d26d1b5.html?origin=http%3A%2F%2F2m.ma
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-response-time
110
date
Wed, 03 Aug 2022 07:24:50 GMT
content-encoding
gzip
last-modified
Wed, 03 Aug 2022 07:24:51 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
3b025e284d49e39a25e72dfae681d6c2a74f470b517c72cb37d60a35ec0c61b9
content-length
242
sdk.js
connect.facebook.net/en_US/
297 KB
84 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=34b4062c5cbd171092fa92b49d7e9c71
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6dc6677a280c8c6ec2672ad6e466860ac69ebe05b27b043ee7305bf5b04ac0ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://2m.ma/
Origin
http://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9uYAvM65HrYiSmF2voWfCw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86399
x-fb-rlafr
0
x-fb-debug
5yt4Zu+4UTF86HOq0OT7oPAoTu+wXgbKMZ4KNihw48GG/16R0Ss20QSD3csHQLuom0giCZ+MjMnpuurD5115CA==
x-fb-content-md5
238156c284a6d0a99a268c8e81c6cf49
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 03 Aug 2022 07:24:51 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"6071e841341f1db40298edee38bc7633"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 03 Aug 2023 05:53:42 GMT
2d3ef3e.js
2m.ma/_nuxt/
8 KB
3 KB
Script
General
Full URL
http://2m.ma/_nuxt/2d3ef3e.js
Requested by
Host: 2m.ma
URL: http://2m.ma/_nuxt/ec1165f.js
Protocol
HTTP/1.1
Server
104.20.13.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b75df9059cf97bb36ca6c22d7ae94da4fda74755cb4f2c48590cb1c7358f5d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 03 Aug 2022 07:24:51 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Jun 2022 13:56:20 GMT
Server
cloudflare
Age
3537526
ETag
W/"1e43-1811f8d8fe7"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
734d50e499afbba7-FRA
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JXCE5J40DP&gtm=2oe811&_p=929987378&_z=ccd.v9B&cid=628055240.1659511490&ul=en-us&sr=1600x1200&_s=1&sid=1659511491&sct=1&seg=0&dl=http%3A%2F%2F2m.ma%2Far&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXCE5J40DP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 07:24:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=743692125982251&ev=fb_page_view&dl=http%3A%2F%2F2m.ma%2Far&rl=&if=false&ts=1659511491405&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:51 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Wed, 03 Aug 2022 07:24:51 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=743692125982251&input_token&origin=1&redirect_uri=http%3A%2F%2F2m.ma%2Far&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=34b4062c5cbd171092fa92b49d7e9c71
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
document-policy
force-load-at-top
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
p2h7MkcxHzNzQSKgjAHhjlD4KFcrMftlLjKKMgBZeOJiFznyCqCseylUmiw+qw1ckDIiXB6Jm1Zmy9vBYkgUJA==
fb-s
unknown
cache-control
private, no-cache, no-store, must-revalidate
date
Wed, 03 Aug 2022 07:24:51 GMT
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://2m.ma
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
f.clarity.ms/
0
168 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
http://2m.ma
date
Wed, 03 Aug 2022 07:24:51 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
www.google-analytics.com/
Redirect Chain
  • http://www.google-analytics.com/collect?v=1&_v=j96&a=929987378&t=event&ni=1&_s=2&dl=http%3A%2F%2F2m.ma%2Far&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&...
  • https://www.google-analytics.com/collect?v=1&_v=j96&a=929987378&t=event&ni=1&_s=2&dl=http%3A%2F%2F2m.ma%2Far&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit...
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=929987378&t=event&ni=1&_s=2&dl=http%3A%2F%2F2m.ma%2Far&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1qzo7rf&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=628055240.1659511490&tid=UA-16439051-2&_gid=191020307.1659511490&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F9aa85s764a%2F122m64g%2F1qzo7rf&z=2021851597
Protocol
H3
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Aug 2022 13:10:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
65649
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://www.google-analytics.com/collect?v=1&_v=j96&a=929987378&t=event&ni=1&_s=2&dl=http%3A%2F%2F2m.ma%2Far&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1qzo7rf&_u=aHBAAEABAAAAAC~&jid=&gjid=&cid=628055240.1659511490&tid=UA-16439051-2&_gid=191020307.1659511490&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F9aa85s764a%2F122m64g%2F1qzo7rf&z=2021851597
Non-Authoritative-Reason
HSTS
Cross-Origin-Resource-Policy
Cross-Origin
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=2m.ma
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 07:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=2m.ma
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 07:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
537 B
307 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2220272879626600&correlator=200599273407343&eid=31068590%2C44768686&output=ldjh&gdfp_req=1&vrg=2022072702&ptt=17&impl=fifs&iu_parts=6013939%2CHabillage&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2924196605&sfv=1-0-38&ecs=20220803&fsapi=false&sc=0&cookie_enabled=1&arp=1&abxe=1&dt=1659511492066&lmt=1659511492&dlt=1659511490094&idt=764&adxs=800&adys=200&biw=1600&bih=1200&scr_x=0&scr_y=26&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2F2m.ma%2Far&frm=20&vis=1&psz=1600x-1&msz=0x-1&fws=516&ohw=1600&ga_vid=628055240.1659511490&ga_sid=1659511492&ga_hid=929987378&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
28213fa7bcdf1f07474ed01b6c3a93607a14c78e07aec0b7568280243e27a539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
277
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://2m.ma
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022072702&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af40e870d8a6cc54e5c6b876a12eef3831cef06ef7f412a414b7f34804f9bcda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 07:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10652
x-xss-protection
0
container.html
740bb56547582d625a4a5b83ba8bcbf6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CB2B
0
0

ads
securepubads.g.doubleclick.net/gampad/
417 B
254 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2220272879626600&correlator=200599273407343&eid=31068590%2C44768686&output=ldjh&gdfp_req=1&vrg=2022072702&ptt=17&impl=fifs&iu_parts=6013939%2C970x90%2C250_AR&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=970x90%7C970x250&ifi=2&adks=530718237&sfv=1-0-38&ecs=20220803&fsapi=false&sc=0&cookie_enabled=1&arp=1&abxe=1&dt=1659511492120&lmt=1659511492&dlt=1659511490094&idt=764&adxs=315&adys=188&biw=1600&bih=1200&scr_x=0&scr_y=26&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2F2m.ma%2Far&frm=20&vis=1&psz=1296x0&msz=1272x0&fws=4&ohw=1296&ga_vid=628055240.1659511490&ga_sid=1659511492&ga_hid=929987378&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
a496ccc857176aefe7b0a2af8f8c3327b8cfefef769e8ae5fae18e36b011f350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
224
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://2m.ma
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
30 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2220272879626600&correlator=200599273407343&eid=31068590%2C44768686&output=ldjh&gdfp_req=1&vrg=2022072702&ptt=17&impl=fifs&iu_parts=6013939%2C300x250%2C600_Desk&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250&ifi=3&adks=3714804199&sfv=1-0-38&ecs=20220803&fsapi=false&sc=0&cookie_enabled=1&arp=1&abxe=1&dt=1659511492129&lmt=1659511492&dlt=1659511490094&idt=764&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=26&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&url=http%3A%2F%2F2m.ma%2Far&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=628055240.1659511490&ga_sid=1659511492&ga_hid=929987378&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
e95e76f327b0da260c3c931dc5b4e9ca7068e0a6c58288d8f780b48799212a1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:52 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12614
x-xss-protection
0
google-lineitem-id
5971626863
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138387803733
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://2m.ma
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszOlyFEGOVYPlgmv2bBctDylgLIYcnmsmEyfvpokRq_8cC9-JeJhpygGroy44TRVFonLhzfbYGdwcO0NzjO73OMUGx4U1oBlKCt_8Jy_bbTmMGewDqpzHgCxcme0zi6MNU-mgS3xdbnQ1LmskWuN4aDH2KiD8g6J97K_l-YfnYHScG_Gun1ss5SoH09ckUtTbYlC3_pXFUpl-zdQkOWzQrXXN8sBFXbRZrDMmCE04QCqXz6Ci2Av0_F59PAisrx7z4lDQbDBBEd9vqLvcjEcFn-7biNG66H59abB79GmSlKlb1TZ9iFrva9De6GiAZdQ&sai=AMfl-YRBtTzMLKDV563bXEeOWzOhqog9A5id9srOOeYM0d5CohxfEqYL7NwQMTliAxal4eOUtK09C8FmqnT0FRk2ZwutckBq9z6Shh0PQtKBtgYS7ee9efTsy_KQ5-LUFH8&sig=Cg0ArKJSzL9t4oVryFCTEAE&uach_m=[UACH]&adurl=
Requested by
Host: 2m.ma
URL: http://2m.ma/ar
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 07:24:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 03 Aug 2022 07:24:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220728/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 06:57:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1634
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 17 Aug 2022 06:57:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/
139 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 03 Aug 2022 07:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43813
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659353321385471"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Aug 2022 07:24:52 GMT
l
www.google.com/ads/measurement/
0
0
Image
General
Full URL
http://www.google.com/ads/measurement/l?ebcid=ALh7CaSnHTr7YTRShPeTokToZj1KlZM9et5ZU553PY4DR6a82eeb21idanQH4t76QGsjX_t4FSDR42Em1FqIxqCa1RT4GhLABA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

10745100394004546615
tpc.googlesyndication.com/simgad/
109 KB
109 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10745100394004546615
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b064a5bea910926258f15bd96833f0845731236308e01ca13730c5217e0c40b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 31 Jul 2022 10:30:00 GMT
x-content-type-options
nosniff
age
248092
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111383
x-xss-protection
0
last-modified
Fri, 08 Apr 2022 11:17:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 31 Jul 2023 10:30:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 03 Aug 2022 07:24:52 GMT
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszp6r5zxX2VGPbCQ51vKcqdne8G5f-J8wUqx7tqMejVvIeCO_fEEXC9-elZsZuVWcWzGPhv76bnMrnt237hheB0tcDsdDeyBu_Iodh3QYnEZG3eLXaQkTJovKwwfcWyJV48MTTmZxM_Fyqh1uq_4f096_6qFfoRs3hUvjWdBl515_slbA5ly9SXu_R76XYZQi59q8H5zDVxweutx8pnJrAZ_8fVV0ForAj1clUXpWj084Ra654hFVxFASJ-07MobjT8QwUzNph8o5_v8IKxQaVT63Y_ZlS2Ui2aOdTt_4G3vdU_Stk-vpIvar-7Wpq5KyN&sai=AMfl-YQ_o7-T9j-ffBic1tPn83abAYKg4uXRSM594NXa1X5xfBwxH230h14cLfeX5R47M9dmBDzm0kSort3KJyaSmx9PjHNv4ed4eah2l12fdq1ZCPJuYq3rKELdZ3fSTUs&sig=Cg0ArKJSzAcBa4oOAzgsEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Aug 2022 07:24:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Wed, 03 Aug 2022 07:24:52 GMT
truncated
/
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01785ab22125b443b82b41838b013a5e77891a4259a9161fed6ea744ab596957

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F5FE
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://2m.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
546
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 07:15:46 GMT
expires
Thu, 03 Aug 2023 07:15:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C942
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1d8d982b039f47f314531c9b4eb362c0803b4aea0446746c3b403b817929f738
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eXHULENvQPGnJ40B1e--pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://2m.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-eXHULENvQPGnJ40B1e--pg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 03 Aug 2022 07:24:52 GMT
expires
Wed, 03 Aug 2022 07:24:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
f.clarity.ms/
0
48 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
http://2m.ma
date
Wed, 03 Aug 2022 07:24:52 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
sodar
pagead2.googlesyndication.com/pagead/ Frame C942
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022072702&jk=2220272879626600&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
pagead2.googlesyndication.com/bg/ Frame F5FE
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/zRsni2KaYpGlbzf8qPigYhDu91QLoFuK7JLW1IaqgGI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:00:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
1459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14002
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 12:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 03 Aug 2023 07:00:33 GMT
generate_204
tpc.googlesyndication.com/ Frame F5FE
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?ULnBSg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 07:24:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022072702&jk=2220272879626600&bg=!bG-lbyvNAAacadVKvGk7ACkAdvg8WgQJ5mw_frqB4jrt-uShb_5KV8Ts3t0cLpjK61G0nkEAZb7SyAIAAABcUgAAAANoAQeZAowgltmu9O1D-RfbYLMQ5yx4Zoav6duogHymrOIlvGHdmfFfQGdBnx_53hinbB9sDwgaeiUsX3lzQm1afu78pRrJhG-KbfPCyllA0ZdR7ESHYqGAxD9QE15SDXah-RW9PIUFJHWwjXLWJcok7eCcVFvwjHc8cunwDBI108RreiwgBcVh07i0_MW2ceTDEyr41RNPJpYJbRD2nFenh-haMmQ1pB5qvK9v1Ve6tP9Y1Mlw27C1HUI9g7X-Zf3JXRina3FX273mLWybHEPkeCsR14iANAG5GOAg6XD_KGZT_IgtyjbsBg3YQo_uQ6beaIuDIbfWUnxd210_GTXyyO1-jnjONTeTUPJbRI8Gtc6575dRUbmdldSgP_XOWcJq6YWBX_08drMX7wdsE97ck_CZUKkBecBeF8GnL6GET6mhYR31s60q3BuGb4kFOx_OM0oG9KvTV3ILpCMLA_EFDKE0xYIXBSTvY1dIlG4z8LAsabAdhn0SrWn2Wd6jZMRYso1F07t-ST1LlvOjdF_Em95X0vNtcRnJL1U09G1EEiDWWOrVmOjJF1PaaZxgfMwdRUexsc9_3URoXdCQ3YeZu9WqIny_qFNi_DrjrW9VBUsIiocijdBK_GROZ_pDh03EVk4zI9iiEPfkMxNbdbmt7qtt76Q-Hz9J1VT7CfnTLMEp_Y4r-V1KyEfUAX3XtXs_Obb-wlTvK_ZYefKG_N-pYyrkePSWbyo5bNUkt-s7-ksk542PQSfztnYrZhI5X-HWhsJVkt8wh50UJB42j9G-X43M-ZLCj9XySRSb6iP4Qww3ZHRapoy-j2sTyk7q5h4j0e9rj0ZOZNhL-SFH58LwogZsZMZbc4B256aKif4dopdc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNRAylt6CX3dnE4QGoCekBulxRxpVww1tEUK1pNYYDrrW2Gm6bMkrSwt1dBabaS3d6TYv-DRwQSZX6yd3_0nDmBQ9IsR8vf2UEOA2ZyrJvDCB-g06w&sig=Cg0ArKJSzKvV2QPOX2gHEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220801&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3714804199&rs=4&la=0&cr=0&vs=4&r=v&rst=1659511489751&rpt=2698&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 07:24:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
f.clarity.ms/
0
48 B
XHR
General
Full URL
https://f.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus-b/s/0.6.36/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
http://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
http://2m.ma
date
Wed, 03 Aug 2022 07:24:54 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G6GJSC0FFM&gtm=2oe811&_p=929987378&_z=ccd.v9B&cid=628055240.1659511490&ul=en-us&sr=1600x1200&_s=2&sid=1659511490&sct=1&seg=0&dl=http%3A%2F%2F2m.ma%2Far&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&en=scroll&epn.percent_scrolled=90&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Aug 2022 07:24:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
2m.ma
URL
https://2m.ma/api/get-iframe
Domain
2m.ma
URL
https://2m.ma/api/getSliderSection
Domain
2m.ma
URL
https://2m.ma/api/getHotTopics
Domain
2m.ma
URL
https://2m.ma/api/articlesrecent
Domain
2m.ma
URL
https://2m.ma/api/getDossierSpecial
Domain
2m.ma
URL
https://2m.ma/api/getListEmissions
Domain
2m.ma
URL
https://2m.ma/api/getListJT
Domain
2m.ma
URL
https://2m.ma/api/getSectionUne
Domain
2m.ma
URL
https://2m.ma/api/mostViewed
Domain
2m.ma
URL
https://2m.ma/api/getmastertags
Domain
2m.ma
URL
https://2m.ma/api/articlesrecent-paginated/0
Domain
2m.ma
URL
https://2m.ma/api/getLiveSection
Domain
2m.ma
URL
https://2m.ma/api/getmastertags
Domain
2m.ma
URL
https://2m.ma/api/getBreakingNews
Domain
2m.ma
URL
https://2m.ma/mm-weather/get-forecast/1
Domain
2m.ma
URL
https://2m.ma/api/grille/list
Domain
2m.ma
URL
https://2m.ma/prieres/horaire-api.php?ville=58
Domain
740bb56547582d625a4a5b83ba8bcbf6.safeframe.googlesyndication.com
URL
https://740bb56547582d625a4a5b83ba8bcbf6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga object| __cfQR object| __cfBeacon object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| googletagSetup object| googletag object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| google_tag_manager object| dataLayer object| __twttrll object| twttr object| __twttr function| gtag function| onYouTubeIframeAPIReady function| clarity function| OneSignal object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent object| sas boolean| sas_usePostStandard boolean| sas_blockAddtlConsent object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| _atrk_opts object| __NUXT__ object| AMP boolean| __cfRLUnblockHandlers object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| vttjs function| WebVTT function| Hammer object| $nuxt function| fbAsyncInit function| atrk boolean| _atrk_fired number| __oneSignalSdkLoadCount function| __jp0 number| uidEvent object| FB object| __buffer object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id string| jscVersion object| google_casm function| su object| dicnf object| viewReq function| vu function| init_ssb function| accbk function| xy function| ss function| st function| ha function| ia function| ja object| GoogleGcLKhOms object| window_focus_for_click number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| google_image_requests

16 Cookies

Domain/Path Name / Value
.2m.ma/ Name: _gid
Value: GA1.2.191020307.1659511490
.2m.ma/ Name: _gat
Value: 1
.2m.ma/ Name: _ga_G6GJSC0FFM
Value: GS1.1.1659511490.1.0.1659511490.0
.2m.ma/ Name: _ga
Value: GA1.1.628055240.1659511490
www.clarity.ms/ Name: CLID
Value: 03067e4566c5464883b11e6c37fdc7a4.20220803.20230803
.2m.ma/ Name: __asc
Value: 4921f8ba1826297ca9186088928
.2m.ma/ Name: __auc
Value: 4921f8ba1826297ca9186088928
.2m.ma/ Name: _clck
Value: 122m64g|1|f3p|0
.2m.ma/ Name: _ga_JXCE5J40DP
Value: GS1.1.1659511491.1.0.1659511491.0
.c.bing.com/ Name: SRM_B
Value: 00D4AD84DC9D6F390D7CBC71DDF66E77
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 00D4AD84DC9D6F390D7CBC71DDF66E77
.c.clarity.ms/ Name: ANONCHK
Value: 0
.2m.ma/ Name: _clsk
Value: 1qzo7rf|1659511492043|1|1|f.clarity.ms/collect
.2m.ma/ Name: __gads
Value: ID=3e513525b580ce77-22817d20e4cd0029:T=1659511492:S=ALNI_MZcJG0yEhEiYLg_77bfIDALzSJMaw
.doubleclick.net/ Name: IDE
Value: AHWqTUlp3ct6IXvrChCEVcMbt6e6QZjsWM9oSyZVmDxk-46Zj28H9aEobFgKDuDBjJA

44 Console Messages

Source Level URL
Text
javascript error URL: http://2m.ma/_nuxt/874dac9.js(Line 1)
Message:
Refused to set unsafe header "sec-ch-ua"
javascript error URL: http://2m.ma/_nuxt/874dac9.js(Line 1)
Message:
Refused to set unsafe header "sec-ch-ua-mobile"
javascript error URL: http://2m.ma/_nuxt/874dac9.js(Line 1)
Message:
Refused to set unsafe header "sec-ch-ua-platform"
javascript error URL: http://2m.ma/_nuxt/874dac9.js(Line 1)
Message:
Refused to set unsafe header "sec-fetch-dest"
javascript error URL: http://2m.ma/_nuxt/874dac9.js(Line 1)
Message:
Refused to set unsafe header "sec-fetch-mode"
javascript error URL: http://2m.ma/_nuxt/874dac9.js(Line 1)
Message:
Refused to set unsafe header "sec-fetch-site"
javascript error URL: http://2m.ma/_nuxt/874dac9.js(Line 1)
Message:
Refused to set unsafe header "cookie"
javascript error URL: http://2m.ma/_nuxt/874dac9.js(Line 1)
Message:
Refused to set unsafe header "Referer"
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/articlesrecent' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/articlesrecent
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getHotTopics' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getHotTopics
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getDossierSpecial' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getDossierSpecial
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getListJT' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getListJT
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getSliderSection' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getSliderSection
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/mostViewed' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/mostViewed
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getBreakingNews' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getBreakingNews
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/get-iframe' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/get-iframe
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/articlesrecent-paginated/0' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/articlesrecent-paginated/0
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getListEmissions' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getListEmissions
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/grille/list' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/grille/list
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getLiveSection' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getLiveSection
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getSectionUne' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getSectionUne
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getmastertags' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getmastertags
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/api/getmastertags' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/api/getmastertags
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/mm-weather/get-forecast/1' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/mm-weather/get-forecast/1
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: http://2m.ma/ar
Message:
Access to XMLHttpRequest at 'https://2m.ma/prieres/horaire-api.php?ville=58' from origin 'http://2m.ma' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://2m.ma/prieres/horaire-api.php?ville=58
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022072702.js(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2m.ma
740bb56547582d625a4a5b83ba8bcbf6.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
b0db77346f8da5bae0c41a8a21ee1914f.profile.hyd50-c1.cloudfront.net
c.bing.com
c.clarity.ms
cdn.ampproject.org
cdn.onesignal.com
ced.sascdn.com
certify-js.alexametrics.com
certify.alexametrics.com
connect.facebook.net
f.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
id5-sync.com
imasdk.googleapis.com
onesignal.com
pagead2.googlesyndication.com
platform.twitter.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
2m.ma
740bb56547582d625a4a5b83ba8bcbf6.safeframe.googlesyndication.com
104.20.13.136
104.244.42.72
141.95.98.71
142.250.186.162
2.18.79.133
20.234.93.27
20.84.22.197
2001:4860:4802:32::36
2600:1f16:bc:1202:6477:d5d3:5ea1:4c
2600:9000:2078:b200::
2606:2800:234:59:254c:406:2366:268c
2606:4700:440e::ac40:9c1a
2606:4700::6812:e234
2620:1ec:27::cafe:1425
2620:1ec:c11::200
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9c
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
99.86.4.6
99.86.4.90
0140437ec6cb29bc6ac6f8505f05f11603a430298e48c1ea483f7de390ba34a9
01785ab22125b443b82b41838b013a5e77891a4259a9161fed6ea744ab596957
0b064a5bea910926258f15bd96833f0845731236308e01ca13730c5217e0c40b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
138364753b8d31982576a0a268036891460813f57097fe4dc87272d9d8ef83d6
19297d0d24ad777c2059c8aa8f247d2623ed4416bebc5d283bcc6c7f579e1dbc
1d8d982b039f47f314531c9b4eb362c0803b4aea0446746c3b403b817929f738
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
201d4e3abf8746820d279061cb6d27c41549e62bea3bdd5d8c97f4030d6e1b42
2375b57c1cb259fd0b19cee2063a62722c4b33e3e8e34f9bc167ace4cc2b732f
28213fa7bcdf1f07474ed01b6c3a93607a14c78e07aec0b7568280243e27a539
28408c328d2ca123c9deeafcb35c7347162f701cb3390138f14dec1d45aae1fb
2a92ea12d9a962a7dabc765f17bb662a6911774ed46c67fc7cc8d1de081e66fa
328cc866bbd43a73f3742f59aca4df9e04bf14354d8847461f6641279326de63
3d51f6bfc2c1d38c373d5ac07ae03439244c9cbc30a7e891a70af946df59a59e
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
45797994ca30e45d9f45dd8570b5713fdd22026b045b40128668bd973e0861e3
509667b7aa70dd067288fa173cb8b6623dac009fb394c7b28e4c0b61a0cd981d
52a2de38a98b958dd6355e62686e814f62bfbab13fb3f9322cae3e6dc734890d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569f0615d7b0e6cb50dcf3ea74ce5eaddd77fa8de79d5953db9738b36806f4df
590244eb05753e9d7bec9f818b65900a6e32b8723af4dca2f28e1ea9a5a449a6
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6480ae594ba586637bd0785ff4ea29dbd1c429e7f17d178293da414de7e64b98
6623f704ce7f401c4e0661a2a65ecd586845f75d2c8e0d221ce4d22bdb573ad5
6690a774ec527ff68616d91338a7a87c55a4aedceecbdd072e07b59dc9068569
687548f29975be7facf99d7aeb61312d8b9844992f2b28cff647f3ed85d3771c
689da25c68fd5ff7846bae7fb2e7818bb6e3d3ecc9a1d36b03e04e8044c4e782
69d23b0cb5f1756d251e0656590879b0bd9d1ec54a00df9035c572b931ada918
6bfdae4a96ded74a8b76984a830bba5e90a6a14a529f56ca4a2bf75021fe45fd
6c0cb57b800559bcf53c0118f1e36e00ffacec365ee6e61331377e20206609b1
6cda9d03d33bbac9d4dd9d2c3d826f89f4ed2e9961e4eb7d66b02c14eb49662c
6dc6677a280c8c6ec2672ad6e466860ac69ebe05b27b043ee7305bf5b04ac0ef
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
754fd98d3054bdb1ab20e0c5056e125b2ddc0f14992c2e8fbb12b5a0cd212d03
7fa38979b260b8046863afde7f5ed8c57cb43513b46129c1c33464d34ea6085b
7fc8630caf01d6ff6ef7a2dcb59e46497493e6b880daae8b571cffb056cdcae4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ec4d46a42112e855a36f2f59b40897451ad769a6ae92385f1dacf467dfc9c1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
92aaa12adb4161114f57fe1c38584f80895525c642d8778be4d5b2d68fcab715
95eae15d7baf329b83317e474e831c0e25c4955d0891587cc504d712b5fd2d0f
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
987be6f0e092cb97f4e2218d5035a0f05bf4e25db73992e236ca4b449ee22758
99a4f2a0204fba9482eff0593850b915f6dd2244eb824477be07e4ae085eb1b9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9df1486c30794a66038424122c0610a2c0af663fc839fc72caff730a7742d23d
9efa7519fa43bce81efcb0f8546be490d37b3c6a3ec0075a043eef7e6c174c80
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf
a496ccc857176aefe7b0a2af8f8c3327b8cfefef769e8ae5fae18e36b011f350
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60a65a52594c2ee976d3373d07164a273e38e177d2b31083205bf16ceab7473
a7a63627b417398685d3500b562ffe8b8c1af06304ee1c5d7a6317c6ef5f1358
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af40e870d8a6cc54e5c6b876a12eef3831cef06ef7f412a414b7f34804f9bcda
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
b5be156f9cde38883afd665485913b489b111b2d41029fa6dcba35779564e8e8
b75df9059cf97bb36ca6c22d7ae94da4fda74755cb4f2c48590cb1c7358f5d93
ba257ab6608042d4589dfce1ff28a7a2f76f40696736bc7feb44a886506dc2e6
c2ab92ccf8fd412f9942d0e0975f688cedc6ddfd22d0dfa91a6abc11624ff8eb
ca078a47ab231ffad9ce0ce64a650d66065ca7863954ea32bbdf8115e94d04a9
ca97e1686c3f874301196bb1c8f4884531dd38a5d11615d566186b5dc86aef4b
ccaf59e06eb4f607fdedb30b166d8ab31ae2f92eaf4a2f998504204f1a2bf526
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd1b278b629a6291a56f37fca8f8a06210eef7540ba05b8aec92d6d486aa8062
d086443d95d33389d50664587fdfc152b8c5c3aff3c2e46223b212491d4776df
d2552b5a5b1d8d9b480866377443816318a135709b83b2e4009219d6dd082fcb
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
dffe7d16ad8a596271f7e615fb9790fb5657db671c445edf775601e87690edef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fb9bbd6d2f847fdca40675c3e1e3276fdee5c4f1cca6b2306009adada1f504
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e61d99c36f2231c90f3b761fb13497d5ffd46965f61befcb0928293ece44a881
e8aff6a8426e2182081c0e696ff05c3b10eeb43716fe56bbc9f8b3b3069c6736
e95e76f327b0da260c3c931dc5b4e9ca7068e0a6c58288d8f780b48799212a1f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b42c44edc5205c62d2da94f0a96f7eecda84d398b53b0b591e897faac6d6da
f67077d8268ccafcca51f8470505bc37be21930b793b147c1ccb67a1e915818a
f6c2fe21a0cdfa248b8ea2419e50c1214c7addd6a91a1ff884011becb1cf9447
f8a861b8d6ba109b0595502cd595b1b7e7ab6cc78ac7f7777414b1201618cea7
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ffdfc591d8628204b0fdbf242ea0a460fb9de5d7201b700e2d5a026759dbd63d