Submitted URL: https://kellyclarksonkcn1.blogspot.com/
Effective URL: https://2m.ma/ar/
Submission Tags: falconsandbox
Submission: On February 18 via api from US — Scanned from DE

Summary

This website contacted 38 IPs in 8 countries across 27 domains to perform 128 HTTP transactions. The main IP is 104.20.14.136, located in and belongs to CLOUDFLARENET, US. The main domain is 2m.ma.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2022. Valid for: a year.
This is the only time 2m.ma was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 1 69.163.198.49 26347 (DREAMHOST-AS)
1 53 104.20.14.136 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 5.196.111.64 16276 (OVH)
1 2.18.79.142 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:2800:234... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:402... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
2 2620:1ec:4f:1... 8075 (MICROSOFT...)
1 162.19.138.119 16276 (OVH)
1 108.138.17.48 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 104.244.42.72 13414 (TWITTER)
1 2600:1f13:57e... 16509 (AMAZON-02)
1 2 20.205.115.81 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f11... 32934 (FACEBOOK)
3 52.167.85.21 8075 (MICROSOFT...)
1 51.178.93.105 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.180.226 15169 (GOOGLE)
3 2.18.37.133 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
128 38
Apex Domain
Subdomains
Transfer
53 2m.ma
2m.ma
973 KB
12 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
1068e58d273be72f538636020ec3ce41.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
77 KB
8 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
155 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1167
c.clarity.ms — Cisco Umbrella Rank: 1651
i.clarity.ms — Cisco Umbrella Rank: 7737
22 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2506
40 KB
4 gstatic.com
fonts.gstatic.com
38 KB
4 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 3409
onesignal.com — Cisco Umbrella Rank: 1343
82 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 436
px.moatads.com — Cisco Umbrella Rank: 506
106 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
227 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 735
syndication.twitter.com — Cisco Umbrella Rank: 1007
132 KB
3 sascdn.com
r.sascdn.com — Cisco Umbrella Rank: 211962
ced.sascdn.com — Cisco Umbrella Rank: 9576
33 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
185 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
87 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6232
adservice.google.de — Cisco Umbrella Rank: 9006
939 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
75 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
imasdk.googleapis.com — Cisco Umbrella Rank: 423
124 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 270
50 KB
1 habous.gov.ma
www.habous.gov.ma
3 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 241
743 B
1 a2z.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
48 B
1 alexametrics.com
certify-js.alexametrics.com — Cisco Umbrella Rank: 13160
certify.alexametrics.com Failed
2 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 396
615 B
1 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 357
32 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 929
6 KB
1 malhomkhoua.com
malhomkhoua.com
196 B
1 blogspot.com
kellyclarksonkcn1.blogspot.com
15 KB
128 27
Domain Requested by
53 2m.ma 1 redirects kellyclarksonkcn1.blogspot.com
2m.ma
static.cloudflareinsights.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
kellyclarksonkcn1.blogspot.com
4 fonts.gstatic.com fonts.googleapis.com
4 www.google-analytics.com 2m.ma
www.google-analytics.com
3 i.clarity.ms www.clarity.ms
3 region1.google-analytics.com www.googletagmanager.com
3 www.googletagmanager.com 2m.ma
www.googletagmanager.com
2 px.moatads.com
2 www.facebook.com connect.facebook.net
2 c.clarity.ms 1 redirects
2 onesignal.com cdn.onesignal.com
2 connect.facebook.net 2m.ma
connect.facebook.net
2 www.clarity.ms 2m.ma
www.clarity.ms
2 www.google.com tpc.googlesyndication.com
2 www.googletagservices.com 2m.ma
securepubads.g.doubleclick.net
2 platform.twitter.com 2m.ma
platform.twitter.com
2 cdn.onesignal.com 2m.ma
cdn.onesignal.com
2 r.sascdn.com 2m.ma
1 s0.2mdn.net securepubads.g.doubleclick.net
1 z.moatads.com kellyclarksonkcn1.blogspot.com
1 googleads4.g.doubleclick.net kellyclarksonkcn1.blogspot.com
1 1068e58d273be72f538636020ec3ce41.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 www.habous.gov.ma
1 c.bing.com 1 redirects
1 redirect.prod.experiment.routing.cloudfront.aws.a2z.com
1 syndication.twitter.com platform.twitter.com
1 certify-js.alexametrics.com 2m.ma
1 id5-sync.com ced.sascdn.com
1 www.google.de
1 stats.g.doubleclick.net www.google-analytics.com
1 imasdk.googleapis.com 2m.ma
1 ced.sascdn.com 2m.ma
1 cdn.ampproject.org 2m.ma
1 static.cloudflareinsights.com 2m.ma
1 fonts.googleapis.com 2m.ma
1 malhomkhoua.com 1 redirects
1 kellyclarksonkcn1.blogspot.com
0 certify.alexametrics.com Failed
128 42
Subject Issuer Validity Valid
misc-sni.blogspot.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-07-05 -
2023-07-04
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.sascdn.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-02-28 -
2023-02-28
a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1
2022-10-06 -
2023-11-06
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
www.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
www.google.de
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-12-01 -
2023-12-01
a year crt.sh
*.id5-sync.com
R3
2023-01-25 -
2023-04-25
3 months crt.sh
certify-js.alexametrics.com
Amazon
2022-05-30 -
2023-06-27
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2022-11-27 -
2023-02-25
3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-03-07 -
2023-03-06
a year crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com
Amazon RSA 2048 M01
2023-02-09 -
2023-10-12
8 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 02
2022-06-07 -
2023-06-02
a year crt.sh
habous.gov.ma
Sectigo RSA Domain Validation Secure Server CA
2022-12-13 -
2023-12-13
a year crt.sh
*.google.de
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
*.google.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-18
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-02-01 -
2023-04-26
3 months crt.sh

This page contains 7 frames:

Primary Page: https://2m.ma/ar/
Frame ID: 44CF4D0B16FA0137EDFA035231C9C02F
Requests: 119 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2F2m.ma
Frame ID: 5150BC6F46677896BDF179B7663A2D7F
Requests: 2 HTTP requests in this frame

Frame: https://1068e58d273be72f538636020ec3ce41.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0C7E4E0E928A66BAF0581DF72B1A7848
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BEFA2E5399135F73B6E99FF5E6A6F448
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C7C3527A109339F37E63FC1E58D6300F
Requests: 2 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAVOxWV_x6_XCIGE6IW61ix3PPNBmRmCJjr9LpuWWn4JmxeyPpoTdtmmqLiYC6V51l82aSWXNcH6fLrFt1_2X_7k4XbBWZj0XbwlZlRUB7pGSE-V2yPFpiZ4H0-vzbtDpPTat_fFKTui0Ck7yqWQfq_6Sj3-kx8P51m7GV4HBQLUMhuy6EuFYYERkJPSAhE5xlwvnqOlZYK_4KFeaj1XzeR8ami0zd_ngnRMpAs9sag_sOZVM8cB0KXy6uYTBxaDlJQaP_E3iQCaccu3wSU_-vUBoROUKwsgv3Ae73JkDPvPg_R9QRlJ8zytgh6p_VPaa2go8QSrUFH28Wz7jV4xSY_Cja406B2RyUeWIMFHh2Pjknk-E4N7HimNGXirgORwyP5zQ0&sai=AMfl-YTiNT30aJTgM_U6aM2ipjDOJGKRKH6qw3uS4pEl576cMYtBYj9ZveCeoFtEnZUg0_g7WFSwHM-OR3UT1vJ5cKgMrTSWndmY57sYYmcD8CozqX0mGT5SLjWEL7arUw&sig=Cg0ArKJSzI8aB5A6By5CEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 06E05BF4F3421F9118C7AFF2E442F01B
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 39C95B4F3CEB9EB39E9AB549490E81F5
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

2M - الرئيسيةHoraire de priere

Page URL History Show full URLs

  1. https://kellyclarksonkcn1.blogspot.com/ Page URL
  2. https://malhomkhoua.com/DQR/728M74W63UP0KCN1/ HTTP 302
    https://2m.ma/ HTTP 302
    https://2m.ma/ar/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

128
Requests

98 %
HTTPS

69 %
IPv6

27
Domains

42
Subdomains

38
IPs

8
Countries

2281 kB
Transfer

6947 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kellyclarksonkcn1.blogspot.com/ Page URL
  2. https://malhomkhoua.com/DQR/728M74W63UP0KCN1/ HTTP 302
    https://2m.ma/ HTTP 302
    https://2m.ma/ar/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 95
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4EE9A398E8404D4EB8A52D0B9FFE40EA&RedC=c.clarity.ms&MXFR=1FC52CCCD397600128883E70D7976E0A HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4EE9A398E8404D4EB8A52D0B9FFE40EA&MUID=3D30C7FFDE986857128AD543DFF369DB

128 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kellyclarksonkcn1.blogspot.com/
64 KB
15 KB
Document
General
Full URL
https://kellyclarksonkcn1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
gzip
content-length
14580
content-type
text/html; charset=UTF-8
date
Sat, 18 Feb 2023 07:21:19 GMT
etag
W/"e1714b1e083472330527fa79f55d35843e1df33f91f580d8f28f3768939581a6"
expires
Sat, 18 Feb 2023 07:21:19 GMT
last-modified
Sat, 18 Feb 2023 07:18:18 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Primary Request /
2m.ma/ar/
Redirect Chain
  • https://malhomkhoua.com/DQR/728M74W63UP0KCN1/
  • https://2m.ma/
  • https://2m.ma/ar/
339 KB
57 KB
Document
General
Full URL
https://2m.ma/ar/
Requested by
Host: kellyclarksonkcn1.blogspot.com
URL: https://kellyclarksonkcn1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d49c1aadeb209f9d35412088af5b253c466235ff08fed6903388f5fd635c732d

Request headers

Referer
https://kellyclarksonkcn1.blogspot.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79b50162bba3bb38-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 18 Feb 2023 07:21:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4OOxS8G0sPNEX%2BljajiQcFeBq9nRejcxwWD2fnKZdGxkEWLtnl0HStpcVrvJ3J44408EiWPO8GfcURD1FsGOEOXanj2tMNcgAA2rhF3T2Y0QktqM44sFiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
79b501621ad0bb38-FRA
date
Sat, 18 Feb 2023 07:21:21 GMT
location
/ar/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZxwKcsOlZCVIEVyTIjYOSALAMwin099FhJfOV2E%2BAlOCn7jqlQfz8bQ%2Ff2LFtGNrRhW7Qg8Lpbev6V7QkWM7ZdsIed0iYI71VRnEEm6vB68gGDbNHYpv8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vSC4oVFecTkvtww2xzzNkkv_C9Q.js
2m.ma/cdn-cgi/apps/head/
6 KB
3 KB
Script
General
Full URL
https://2m.ma/cdn-cgi/apps/head/vSC4oVFecTkvtww2xzzNkkv_C9Q.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
569f0615d7b0e6cb50dcf3ea74ce5eaddd77fa8de79d5953db9738b36806f4df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
x-amz-version-id
4HHJdEJ.JxixMocvJZ1cXxy6vjd4PQrN
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
P1VB7R21K04J67YK
age
20733636
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
nBoKMUs9bFbozZrudf5v1dgh5q/wUXphnPx3tVcoK+PGYkssrCSe+4RC2zz4cAIdPHcJwqF4W4Q=
last-modified
Mon, 24 Jul 2017 18:55:15 GMT
server
cloudflare
etag
W/"c0c26b2684deb69268c2bfdfc6f204af"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V1dRplzkG%2FcRR4ETiDsVQjAjHuMgTLSBI%2B4PLDeR6rMKempt9q7DbfYMLHQuNg%2F%2Fjv20PJvtJT5CNs0GsdUhG6aEJaSkLtEvkIVR2UOKjAfCpmv8duSN0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
79b5016378fabbd9-FRA
priority
u=3,i=?0
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a92ea12d9a962a7dabc765f17bb662a6911774ed46c67fc7cc8d1de081e66fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 18 Feb 2023 07:21:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Feb 2023 07:21:21 GMT
fcdd942.js
2m.ma/_nuxt/
3 KB
2 KB
Script
General
Full URL
https://2m.ma/_nuxt/fcdd942.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f87e83d40bb6703b256521c7a9d281dca6a8c5602876dbf13953b9887e61026d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2187653
etag
W/"d84-185e10069d8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xp79Bqn3s3CO%2BU3jd4nGDKJt%2F4%2FdvSkd2QKYnfe6k3PrhIU28HHU32FrTdPVYV7ezSvVTG%2FnevIdBxCCbkALx%2BFeSu%2Bd50hNLKKZhBxz4zqaeeofOjwM3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b5016378fcbbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
e761ebb.js
2m.ma/_nuxt/
241 KB
84 KB
Script
General
Full URL
https://2m.ma/_nuxt/e761ebb.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8828e2be0050751407f6cc852478b1b9950cc4b4ea982c019d288f6a842645ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 09:03:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5177752
etag
W/"3c5c4-1852ec639b6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJRTswtM9xc0YbAIj5wtG4IaECXpJ6stnU3sUdvSVf1HjBQW6lsOFDhvU9MqdzF8gyYOeYR0ySdUYZwVrj5%2FU%2F4nkceOZc7iCPxb2esOkD6MOgpSRsOmpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b5016378febbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
a8ecfff.js
2m.ma/_nuxt/
1 MB
317 KB
Script
General
Full URL
https://2m.ma/_nuxt/a8ecfff.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90f3ce50d631813354e1c8a436547ec3cea62fcdf685119e0b8f7693902dc69c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 09:03:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5177752
etag
W/"126d6b-1852ec639ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkeHHNxYVizRFhMrMzxCA4peTtmdp2IEAEtIg856ftSujsW7F6KVLkZCXRwIBfXo2YHBNFsLRt%2BKJ0NoibbcGRxQozFRgFT5kOAgAGlq1M1xDDFc8YDJ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b501637901bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
b5a680d.js
2m.ma/_nuxt/
612 KB
132 KB
Script
General
Full URL
https://2m.ma/_nuxt/b5a680d.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
781b23bdb387966d207c9577baa224504673818fce48c771d9cf2d5ca2e8dcb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2187653
etag
W/"99098-185e10069c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGdz%2FoAbcTN7heUrlbonkUXulGdPD6%2BAHyS2sGc%2F47uLUsBM4V56D5IjwzY%2F2RSS%2BILWLzOdMwhVQxsUocVhuAtBrcHeQn7uGbHeWIGbyFZvUZLQ4c44zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b501637902bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
af02d63.js
2m.ma/_nuxt/
67 KB
17 KB
Script
General
Full URL
https://2m.ma/_nuxt/af02d63.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da9069c8373f02b09222a859b34318894099610b104d260af185a66b40a131c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2187650
etag
W/"10ceb-185e10069c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vR1YTxlIR7dFpJcS4IjpfeRPjvi9KFMW7FWP%2BQNDkCRaQk1e63GeGuvaRQcFkFfaVYEGOCEU1yqQv4AHIqNQGMRP2W6q6ocl06qGd2vN%2BS8cB%2F4CBvLerw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b501637904bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
bebc5c4.js
2m.ma/_nuxt/
100 KB
35 KB
Script
General
Full URL
https://2m.ma/_nuxt/bebc5c4.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17c45f18bd6cfd29070e517a30e356bc7da0f32b3666751254ab776ed92bc800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 09:03:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5177752
etag
W/"19069-1852ec639ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1Ikpyivy6Ul7NaIzkUo0tdqG1AiBPOkM7JkhacPJBE8dK9DSkk1RnFdqN4PQmsdgvfN7g5zM%2BvRGAsxhFvNzrvEV6ubWh3d%2BkAeaRPxVu9QsUXdSWixjw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b501637906bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
9f7bb47.js
2m.ma/_nuxt/
73 KB
26 KB
Script
General
Full URL
https://2m.ma/_nuxt/9f7bb47.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0de668ffbb871116cb13791b38a6816ba4949167ea2752a49ec67fee8e739d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2187653
etag
W/"12413-185e10069bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkMKmvVk1m9eHGjGwRg7dZPfIBWYMt3xC42sb9Y9EV4RnUFpDz8pvrV90K104ZshwBh%2F9YnaI9yL9WakGBecPJZAwGD7J8lINfoloxvYuQtTTqbn2%2F5fFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b501637907bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
71a7455.js
2m.ma/_nuxt/
32 KB
8 KB
Script
General
Full URL
https://2m.ma/_nuxt/71a7455.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afed2aacf8c0517f09305021b17928f6c859b61417544fa69ea1a12430ebafd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2187650
etag
W/"8106-185e10069bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry4aXp9nO6rBlQHiJCV0wnc4p6hzdB%2BeEHrEzehLD02S4TA80kjAbwSJUhyZIxXGJCkJhd%2F%2FlMhCVQe5kVeRgsXM5M8YxNjFtH83P6RWiMwxMechq4lKNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b50163790abbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/apps/head/vSC4oVFecTkvtww2xzzNkkv_C9Q.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 18 Feb 2023 07:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
555
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 18 Feb 2023 09:12:06 GMT
rocket-loader.min.js
2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 15 Feb 2023 14:31:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63ececa5-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zZVpM9xFanc1unVqLp17nxjP9AVikZ3S5qqowqpdeUh7EByhbIxyOBIwafQg38w2xPzzvCVunBa174wbl0F2nO9Plwg%2BdEFryP5WAgkUzIwi6ZXzN0kcbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
79b501646a94bbd9-FRA
expires
Mon, 20 Feb 2023 07:21:21 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/
17 KB
6 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: 2m.ma
URL: https://2m.ma/ar/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://2m.ma/
Origin
https://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
79b50164b934905b-FRA
ampAnalytic.js
2m.ma/js/
213 B
687 B
Script
General
Full URL
https://2m.ma/js/ampAnalytic.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffdfc591d8628204b0fdbf242ea0a460fb9de5d7201b700e2d5a026759dbd63d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 08 Mar 2022 16:45:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"d5-17f6a6bb690"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwPgWAOkfN%2BvtSNgnIn%2FIL%2BOc1D6ah7WMmu6Dx8sDCQNDSvj79ZTsn%2FCGfLJCOraumX6czpbJ7Q5tnoMqVjOACr%2BbV5F2%2BjKgcztsHqr17qcGcGJXKMuUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=7200
cf-ray
79b50164bb1cbbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
amp-analytics-0.1.js
cdn.ampproject.org/v0/
110 KB
32 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb7dadfee42703d011a9e651d5a3c15b415a1662aa3ed43f3358fb05d2c72b9e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Feb 2023 07:21:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32013
x-xss-protection
0
server
sffe
etag
"642d09b21bbca62c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 18 Feb 2023 07:21:21 GMT
AlexaCertify.js
2m.ma/js/
351 B
699 B
Script
General
Full URL
https://2m.ma/js/AlexaCertify.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28408c328d2ca123c9deeafcb35c7347162f701cb3390138f14dec1d45aae1fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 10 Mar 2022 16:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"15f-17f74c52dd3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5i4sk9mmdkny7wGHv4dDtpcK3LJOq0GZUQawIhP%2B307uVvv7TyPcS2UfPn9vQZfXv2vh67LFqcq%2Bz3%2FEKZ6N1OudFqAwQvdIcgULp6UNzsUwiZQIEp5xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=7200
cf-ray
79b50164bb1fbbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
smartadsettings.js
2m.ma/js/
304 B
687 B
Script
General
Full URL
https://2m.ma/js/smartadsettings.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a84f47e05bda3d13c3f610bd344e26e11980512761e296e4c97383023a2204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Tue, 20 Dec 2022 09:02:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"130-1852ec4fce2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f6459vkSiyHgLhAo%2B1U84kaPErHXqhGao1JMIZHWrbJ83liWeuEQ9aXsSdMAwCs6%2F8mOem8gr%2FyoSzINupwB1vONFsS0n6rg8LzdxBll4NECGBuruTscMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=7200
cf-ray
79b50164db4abbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
controller.js
r.sascdn.com/video/
0
75 B
Script
General
Full URL
https://r.sascdn.com/video/controller.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.64 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip64.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:20 GMT
content-length
0
config.js
r.sascdn.com/video/
0
75 B
Script
General
Full URL
https://r.sascdn.com/video/config.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.64 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip64.ip-5-196-111.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-length
0
smart.js
ced.sascdn.com/tag/3810/
97 KB
33 KB
Script
General
Full URL
https://ced.sascdn.com/tag/3810/smart.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.79.142 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-18-79-142.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3fac421f0e04198b535d169a2139f300c72b7aaa2cd81aec3c4fd93f270b3c92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 07:21:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
33301
Expires
Sat, 18 Feb 2023 09:21:21 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
366 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a4100482ef01d58945b592343830638ff208b8930d31c59eb936598dd92e21c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124936
x-xss-protection
0
expires
Sat, 18 Feb 2023 07:21:21 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/
9 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3565ea346e63fda91cc67ba8fc11e95b7482d5873a4f4c6a47c4185b772d9a1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1750
etag
W/"5ffd70753209ca4d09cfef90e7c44df3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
79b501656b6692a2-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 21 Feb 2023 07:21:21 GMT
widgets.js
2m.ma/js/
96 KB
29 KB
Script
General
Full URL
https://2m.ma/js/widgets.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 27 Jan 2022 09:11:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"181b8-17e9ace1488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bb0J15Ko%2BPIBOuU6%2Fc2IEMtq%2BOkTuq%2Fi5NzKGt0Gj%2B62ZrRulLVwxWUfMJm%2BjlmEsstTZzBZg2%2BDW42ozeGh4Kb%2FbT%2B0NlDURp%2F1WWce0WjbWOjZP%2FmcMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=7200
cf-ray
79b50164eb4ebbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
analytics.js
2m.ma/js/
452 B
770 B
Script
General
Full URL
https://2m.ma/js/analytics.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ec4d46a42112e855a36f2f59b40897451ad769a6ae92385f1dacf467dfc9c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 27 Jan 2022 10:39:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1c4-17e9b1e68ea"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgyyYHwIiBMnEU%2FsHbUc4UEQtLBPCT3P3m%2BVUlCifU%2FQ%2F6o88cjigzOGQVQrHFy1V%2FxC82sklyniV2VS8pAjSs%2FTmu0HT30cjxomBYCJIWor9x6uF9WaVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=7200
cf-ray
79b50164eb4fbbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
clarity.js
2m.ma/js/
335 B
709 B
Script
General
Full URL
https://2m.ma/js/clarity.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fa38979b260b8046863afde7f5ed8c57cb43513b46129c1c33464d34ea6085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 12 Nov 2021 14:06:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"14f-17d1478a270"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GMVA6wR6pj7REu%2FegWgs9e1tAYtsMPJEXmwJhFPk6%2BsNUCQ9xSn2%2BVGJsZDcmyNpocQ7jNNG%2BPsL21XGRSoyMXCnZqoWuFiIozBQxooiYwp%2FVyLd51d3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=7200
cf-ray
79b50164eb50bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
gtag.js
2m.ma/js/
175 B
635 B
Script
General
Full URL
https://2m.ma/js/gtag.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99a4f2a0204fba9482eff0593850b915f6dd2244eb824477be07e4ae085eb1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 12 Nov 2021 14:48:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"af-17d149f4510"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wr2Pr8rrmGkrUVMOWWvO5R013JZAwBV%2BqkCOgtIDN5mYDcBd6842g1sCjlP1baWg0eEvCVPT3EFKTF9cp9m5znsxe5Ckb7lhCx0j5PjVSQymAbksfP4niQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=7200
cf-ray
79b50164eb51bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC8) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Sat, 18 Feb 2023 07:21:21 GMT
Content-Encoding
gzip
Age
1435
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
x-amzn-internal-status
304
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (amb/6BC8)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3fe10eae3495c57a3e02ebb4e30efb2f2e7c03ca292dfc6274d1d14fa2baa8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77333
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Feb 2023 07:21:21 GMT
ads.js
2m.ma/js/
4 KB
1 KB
Script
General
Full URL
https://2m.ma/js/ads.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
754fd98d3054bdb1ab20e0c5056e125b2ddc0f14992c2e8fbb12b5a0cd212d03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Fri, 28 Jan 2022 16:31:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f00-17ea187095e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sfEJaYgD7jnTp9nvFCDpPogBMorwO6RwF5AuAgGX6TCK7G3%2B9%2FZTGjTWJ8TkHvrVSu0TWC90cHi3QPriHvGCle0lav%2B3s7L8yYKyFngBVIccLnGUzGKMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=7200
cf-ray
79b50164eb53bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
collect
www.google-analytics.com/j/
4 B
202 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1028088030&t=pageview&_s=1&dl=https%3A%2F%2F2m.ma%2Far%2F&dr=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=47163538&gjid=1965368980&cid=685397713.1676704881&tid=UA-16439051-2&_gid=2061385076.1676704882&_r=1&_slc=1&z=1242472125
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/
76 KB
26 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: 2m.ma
URL: https://2m.ma/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
852711ee8cd6e8c26f1f29118fa19e029e260980f3db7fd4979a7e070a58f8a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26544
x-xss-protection
0
server
sffe
etag
"1486 / 624 of 1000 / last-modified: 1676675148"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Feb 2023 07:21:21 GMT
collect
stats.g.doubleclick.net/j/
4 B
342 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16439051-2&cid=685397713.1676704881&jid=47163538&gjid=1965368980&_gid=2061385076.1676704882&_u=IEBAAEAAAAAAACAAI~&z=850542474
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sat, 18 Feb 2023 07:21:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16439051-2&cid=685397713.1676704881&jid=47163538&_u=IEBAAEAAAAAAACAAI~&z=1951232103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16439051-2&cid=685397713.1676704881&jid=47163538&_u=IEBAAEAAAAAAACAAI~&z=1951232103
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2023021401.js
securepubads.g.doubleclick.net/gpt/
383 KB
130 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 19:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41149
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
132139
x-xss-protection
0
last-modified
Tue, 14 Feb 2023 09:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 17 Feb 2024 19:55:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
74 B
601 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=2m.ma
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9efa7519fa43bce81efcb0f8546be490d37b3c6a3ec0075a043eef7e6c174c80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59
x-xss-protection
0
expires
Sat, 18 Feb 2023 07:21:21 GMT
collect
region1.google-analytics.com/g/
0
247 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G6GJSC0FFM&gtm=45je32f0&_p=1028088030&cid=685397713.1676704881&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676704881&sct=1&seg=0&dl=https%3A%2F%2F2m.ma%2Far%2F&dr=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
9aa85s764a
www.clarity.ms/tag/
1 KB
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/9aa85s764a
Requested by
Host: 2m.ma
URL: https://2m.ma/js/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d02fb496d513c66cfbb7b8550861f921d8a52222f7bfac26c30435bd81f3fb23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sat, 18 Feb 2023 07:21:21 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0cnzwYwAAAAAuFvuBWHj+RqNxHOjjf3CxRlJBMzFFREdFMDQxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 2m.ma
URL: https://2m.ma/js/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 18 Feb 2023 07:12:06 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
555
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Sat, 18 Feb 2023 09:12:06 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/
283 KB
68 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3af293c92bffe2f5f6f31753be6de274bf677ee5c4de05428cf394d63d4941
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1751
etag
W/"725985d8b3cb9e8905cfe4c97cc83600"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
79b501686e8792a2-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 21 Feb 2023 07:21:21 GMT
102.json
id5-sync.com/g/v2/
216 B
615 B
XHR
General
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/3810/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
6b021b8d2cebe6a4d6fe9f985b211641bd6f783758135c7a31bac56ac474218d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://2m.ma
date
Sat, 18 Feb 2023 07:21:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
atrk.js
certify-js.alexametrics.com/
4 KB
2 KB
Script
General
Full URL
https://certify-js.alexametrics.com/atrk.js
Requested by
Host: 2m.ma
URL: https://2m.ma/js/AlexaCertify.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-48.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Thu, 08 Sep 2022 02:09:54 GMT
Content-Encoding
gzip
Via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
Last-Modified
Tue, 27 Apr 2021 18:03:54 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P7
Age
14101889
ETag
W/"d89453438fbf10dcf4c13265c40d5160"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=26920000
Connection
keep-alive
X-Amz-Cf-Id
Kxqb6XgN5ZgDw8LJAVfJeQqZNrw7e0lZHG-JRWjHcqLDPm8od2HXww==
Iura6YBj_oCad4k1nzGBCw.woff2
fonts.gstatic.com/s/tajawal/v9/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 04:22:23 GMT
x-content-type-options
nosniff
age
269939
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10256
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 04:22:23 GMT
js
www.googletagmanager.com/gtag/
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JXCE5J40DP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c1379f85917577d7d979cce41045b8a7f6af28559899a87f0da13c809df772f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77328
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Feb 2023 07:21:22 GMT
js
www.googletagmanager.com/gtag/
215 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JXCE5J40DP&l=dataLayer
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/a8ecfff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26b9b25b29f72e001eada0bd71c686a53a67804171383def492ea8c7fc36e258
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77334
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Feb 2023 07:21:22 GMT
2fed41a.js
2m.ma/_nuxt/
81 KB
25 KB
Script
General
Full URL
https://2m.ma/_nuxt/2fed41a.js
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/fcdd942.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96a363cc28dc48cd1b13ec5a201056ae53b3fc5265d0f43c7e91ee2afd041d2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 09:03:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5177531
etag
W/"144ee-1852ec639ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JZxwQ6%2BTn4Mb1nrlIpCZvFimZgYWRUu4hnR50SQQqcFdoVEXy9KBWET5pjgRDv0XR%2FATPMpsYIZQu2j4Pw8L9NhlDVes7YPijxITURgduj%2Fp6Or89DWkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b50169cab8bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
fonts.gstatic.com/s/tajawal/v9/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 03:52:08 GMT
x-content-type-options
nosniff
age
271754
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9996
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 03:52:08 GMT
fa-solid-900.1551f4f.woff2
2m.ma/_nuxt/fonts/
76 KB
77 KB
Font
General
Full URL
https://2m.ma/_nuxt/fonts/fa-solid-900.1551f4f.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer
https://2m.ma/ar/
Origin
https://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1877936
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78268
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
server
cloudflare
etag
W/"131bc-185e1006994"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qspVJT51odlnmAhl7ByrvV%2B0YROIsV%2Fge9PQbiGy35cB9bBlpZKX9r0EtOCAZjtAvyEjEHxGxmVzK8PivacxXgky3PEYUC%2BYKXXD5A4Txlu8W18TSN8bQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
79b5016a1b1bbbd9-FRA
priority
u=2,i=?0
Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
fonts.gstatic.com/s/tajawal/v9/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
328cc866bbd43a73f3742f59aca4df9e04bf14354d8847461f6641279326de63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 16:40:54 GMT
x-content-type-options
nosniff
age
225628
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8712
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 16:40:54 GMT
Iura6YBj_oCad4k1nzSBC45I.woff2
fonts.gstatic.com/s/tajawal/v9/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 04:18:26 GMT
x-content-type-options
nosniff
age
270176
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8724
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 04:18:26 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/a8ecfff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
08796af5032a95b13e97b480698b016e6ed374232c4c6337b513f8065115841e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 18 Feb 2023 07:21:22 GMT
content-md5
JNlIPTN3cTyhrHUKa5xFQQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
YGueUZbltWl1n094o4oPBL+CcP3mHYzDw/iYKtIY4FtuKySfWl2WCyeigflufgL1PlGLd7lqRPcMsOxKMc2Rxw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
917726464
x-fb-content-md5
65cf823e06f61fb31b7bb93e42778cf8
cross-origin-opener-policy
same-origin-allow-popups
etag
"0edee5cca527d42bac2a7a09f90c7204"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-frame-options
DENY
timing-allow-origin
*
expires
Sat, 18 Feb 2023 07:33:06 GMT
calender.b9f2460.svg
2m.ma/_nuxt/img/
2 KB
995 B
Image
General
Full URL
https://2m.ma/_nuxt/img/calender.b9f2460.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8a861b8d6ba109b0595502cd595b1b7e7ab6cc78ac7f7777414b1201618cea7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Jun 2022 13:56:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20727695
etag
W/"607-1811f8d8fab"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxZCzKCUfToziYLfETcPwowpTdQRQcgkPZ7p5RvlnlpI0NQipASuTLKdjZznWVes5MmrZPr%2BtYD5%2BQklXBfZk9Gp9JbiKYRQmp22XQ35eyaAEx1k%2F4zlNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
79b5016a3b65bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i
truncated
/
871 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba257ab6608042d4589dfce1ff28a7a2f76f40696736bc7feb44a886506dc2e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
691 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c0cb57b800559bcf53c0118f1e36e00ffacec365ee6e61331377e20206609b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
close.0ebedbe.svg
2m.ma/_nuxt/img/
57 KB
8 KB
Image
General
Full URL
https://2m.ma/_nuxt/img/close.0ebedbe.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a60a65a52594c2ee976d3373d07164a273e38e177d2b31083205bf16ceab7473

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 Mar 2022 21:51:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
30273598
etag
W/"e2fa-17f56eaac01"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1KqexfMDcAagzrQiDMgIjCLUrinImBtTKoC03cr7P5iYs6ctXv3UirDGVCkIBrLDMLcZwghQL9eDpLxnbcdvrI1LJQ74PGdsWvBN68r%2Fwaa2fEjQDnh3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
79b5016a4b71bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i
truncated
/
865 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca078a47ab231ffad9ce0ce64a650d66065ca7863954ea32bbdf8115e94d04a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
558 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dffe7d16ad8a596271f7e615fb9790fb5657db671c445edf775601e87690edef

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
460 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
138364753b8d31982576a0a268036891460813f57097fe4dc87272d9d8ef83d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
610 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19297d0d24ad777c2059c8aa8f247d2623ed4416bebc5d283bcc6c7f579e1dbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0140437ec6cb29bc6ac6f8505f05f11603a430298e48c1ea483f7de390ba34a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
web
onesignal.com/api/v1/sync/7893e102-f366-416c-86b4-9f7cfbf011bf/
4 KB
2 KB
Script
General
Full URL
https://onesignal.com/api/v1/sync/7893e102-f366-416c-86b4-9f7cfbf011bf/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9741dd4c010517a7b54a621e8af7c0639149b16f9a5970288e0012e76b7559ab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=15552000; includeSubDomains
age
1073
cf-polished
origSize=3960
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
baef1e20-dd34-4071-9d03-af5463aff9a5
x-runtime
0.076989
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"ffe18b4222125b2c8b1fd409fcf6f658"
x-download-options
noopen
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
79b5016a688c92a2-FRA
access-control-allow-headers
SDK-Version
expires
Sat, 18 Feb 2023 08:21:22 GMT
/
2m.ma/ip/
22 B
446 B
XHR
General
Full URL
https://2m.ma/ip/?format=json
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ede93636a8abc463364f9352de0b0e7d53396aa027c22ed278c042ed3ed8623

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiBJdpzdcDLkboVYusuudaEHh1HAmyJ4tBBjXVo5tC6NfbGqzpRpExj9FJnJu8SxLvviRyB5MF9elKDPMBetDIaQKZ5ux2rbyhHMRanTeWVsx5XZ0jJDvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cf-ray
79b5016a4b84bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i
get-iframe
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/get-iframe
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5012529136a5f0aaca92da7340a22e6da887595ce48dcaac26e490fe9706d0ea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a4b86bbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getSliderSection
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getSliderSection
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c4e0c25f8905ca07310555c6912ec856554b65c8d22fd01ccdf684f2020142
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a4b8bbbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getHotTopics
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getHotTopics
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97b961169cacf48bca2ba8ea10e797953b4691583c3b8fd53f4acc08b69f0c7
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a4b8cbbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
articlesrecent
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/articlesrecent
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0361961e7f70710ed9bbace05f9df029fbef3c50ae2b5d09b4f846047de6b6ea
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a4b8ebbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getDossierSpecial
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getDossierSpecial
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6cdc31421453d1955b884275c715c5f13f78ea5da02cfb696dbd816d1e8ff63
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a4b8fbbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getListEmissions
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getListEmissions
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1108edbbc7535a107cc9f3d4f6de1e5178f7d296ee870007ec2126de8c51347
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a4b90bbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getListJT
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getListJT
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61ccb2741858c86750bae3cfd18f6f2ff87f9bfe0808acb1a4d3676f17cbdef4
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a4b93bbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getSectionUne
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getSectionUne
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d94cffb6c23f13d19fb5be28d65e892e414ffbfa9877ac946688fc0c8614a01b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a5b99bbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
mostViewed
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/mostViewed
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44645e0a17242e9cb5cbcdee27d339fed36cf5ed604398b0809d9810f8c14b8d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a5b9bbbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getmastertags
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getmastertags
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94dcd3d970de1521446a302eb1e99c6d13f22493b9c90a477b13a49046ce586e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a5b9cbbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
0
2m.ma/api/articlesrecent-paginated/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/articlesrecent-paginated/0
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
805aefa720deee7c1a388e961fb631be6cc7ea35fddce6295d75fd1d2a9e1715
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a5b9ebbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getLiveSection
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getLiveSection
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff0c1645de02e1a078633f5a43339f7ce8fe75e9f0bce5549779d83cc42acd15
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a5ba1bbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getmastertags
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getmastertags
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c842f82ce2736e2a09f091c9caf793577e926529edc5ceace55a2c8431cd0d19
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a5ba4bbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
getBreakingNews
2m.ma/api/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/getBreakingNews
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cb444a951825c6214bcc489545961c49dfadb4c0cc01b3f399aea3efd9192d8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a5ba7bbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
1
2m.ma/mm-weather/get-forecast/
1 KB
990 B
XHR
General
Full URL
https://2m.ma/mm-weather/get-forecast/1
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd85da9508541520503cad02a17e8d3ade1c79b808b2bd11dc0a5d3368c0c381
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://2m.ma/ar/
Referrer-Policy
strict-origin-when-cross-origin
x-requested-with
XMLHttpRequest
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bXJGbgzOtuOReQ07HAFeKLR0Dx4J2bJDTQrhroBSOASOcgcn%2FBYgwf72PgPgQJ3d3Ljkj70W4gZRULvGwHPB4LU9mL66YbDiPVMqLoiufeK04vMPU%2BokeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cf-ray
79b5016a5baabbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i
expires
Sun, 19 Nov 1978 05:00:00 GMT
list
2m.ma/api/grille/
6 KB
6 KB
XHR
General
Full URL
https://2m.ma/api/grille/list
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b31b22e83cb30293ea55004b334beff2b7ffd4af4fafe99b84ed0a44a9732833
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
referrer-policy
same-origin
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
79b5016a5bacbbd9-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
horaire-api.php
2m.ma/prieres/
16 KB
4 KB
XHR
General
Full URL
https://2m.ma/prieres/horaire-api.php?ville=58
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/e761ebb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f643d8884f06e54b6226221a074778f150559e47cea98a66558e7069dfb3711
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
locale
ar
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1f3yEIB1qDHE%2BKeT4%2BSOv1uPBI8uqvBJY6mAQ4TaCPHVjg%2B3a90x2llRCwhrgVx9%2BBs8pUMezXzcxUES%2FXb8zLYoF0gK02YGV%2FkFaMyVvTQFNWExEfzBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
79b5016a5badbbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 5150
320 KB
104 KB
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2F2m.ma
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B94) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://2m.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2108285
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Feb 2023 07:21:22 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B94)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
fa-regular-400.7a33376.woff2
2m.ma/_nuxt/fonts/
13 KB
13 KB
Font
General
Full URL
https://2m.ma/_nuxt/fonts/fa-regular-400.7a33376.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

Request headers

Referer
https://2m.ma/ar/
Origin
https://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1877936
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13224
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
server
cloudflare
etag
W/"33a8-185e1006994"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMo12HZOhLHny8VHfuqmgl%2B2KgKTMPOXLMZmQ%2FPBkC0OO1WCt1pE0YFIKrocEi7fONsUSooQE1yXU0LCmQTzfi3%2BSRt7YP86R0JUO3mp%2BucBKrMPjEMsPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
79b5016a6bcabbd9-FRA
priority
u=2,i=?0
2m.86cf83a.png
2m.ma/_nuxt/img/
5 KB
6 KB
Image
General
Full URL
https://2m.ma/_nuxt/img/2m.86cf83a.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9df1486c30794a66038424122c0610a2c0af663fc839fc72caff730a7742d23d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1873571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5173
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
server
cloudflare
etag
W/"1435-185e1006984"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Fhda0lBzdT%2Br3C1XhZlAlDhukLt1d8%2BLmSkMxTE26HmHsQPP%2FVZ4f4Oswxhh1QZbrjb3ENtl24huYPLdmviX154Uu4HSJ5GRQh9MSdbYKuZTzln4mUUTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
79b5016a8bf2bbd9-FRA
priority
u=4,i
shape.5ab0126.png
2m.ma/_nuxt/img/
4 KB
5 KB
Image
General
Full URL
https://2m.ma/_nuxt/img/shape.5ab0126.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
987be6f0e092cb97f4e2218d5035a0f05bf4e25db73992e236ca4b449ee22758

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1873571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4207
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
server
cloudflare
etag
W/"106f-185e1006984"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2lV3HJiLRanvWnyXmYE56XiVQKcaL5n%2FFRnOk%2BHa%2FbS384ufT%2B%2Ftj3YiqpxT%2BHMqQbuoLVOz9EOgLR%2FDUKLrK9T7e9u7%2F5pOwc21jgewdSy4anGtKUksRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
79b5016a8bf5bbd9-FRA
priority
u=4,i
ma.6cbddc5.png
2m.ma/_nuxt/img/
4 KB
5 KB
Image
General
Full URL
https://2m.ma/_nuxt/img/ma.6cbddc5.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52a2de38a98b958dd6355e62686e814f62bfbab13fb3f9322cae3e6dc734890d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1232420
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4345
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
server
cloudflare
etag
W/"10f9-185e1006984"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jrk7ciCvmMQ6iRHnwwzyMj%2Fptm69VrQ5qIMKvbTgzKvvTx98wmnjX6KJ1jKloMhwh3pog01Pr6XL3QL9yjwu6fcbxDeq91vdiHzoneW9UIeMcgd9pUixcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
79b5016a8bf7bbd9-FRA
priority
u=4,i
logo.d4ee7e1.png
2m.ma/_nuxt/img/
5 KB
5 KB
Image
General
Full URL
https://2m.ma/_nuxt/img/logo.d4ee7e1.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f67077d8268ccafcca51f8470505bc37be21930b793b147c1ccb67a1e915818a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1875973
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4778
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
server
cloudflare
etag
W/"12aa-185e1006984"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJ1VgVgUo8swe60YovhRjgS%2Brexj4qBAem2zjwLMYZtN%2B8OGrIPvCUZrERiDIJnb3tKvCJsA1wSs9y3d3JD%2ByT5biQz5P5bp15h29ZVkT75ZgPRCMGkUlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
79b5016a8bf8bbd9-FRA
priority
u=4,i
AlFajr.ae83aab.svg
2m.ma/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://2m.ma/_nuxt/img/AlFajr.ae83aab.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
201d4e3abf8746820d279061cb6d27c41549e62bea3bdd5d8c97f4030d6e1b42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 Mar 2022 21:51:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
30273338
etag
W/"963-17f56eaac09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGBvJNnX5k4swtpoiPeCBP7p3u2sFNwZHci3OwjpEPDKVyZyCPGU9oszKcd%2BfGC4fibHwZ7CB81ZpCeBON0Yn%2BFP8dhydzIAlxNojEaYVwuDTk714dpALw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
79b5016a8bfabbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i
Dohour.005700e.svg
2m.ma/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://2m.ma/_nuxt/img/Dohour.005700e.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6c2fe21a0cdfa248b8ea2419e50c1214c7addd6a91a1ff884011becb1cf9447

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jan 2023 23:39:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
287834
etag
W/"92c-185e1006990"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKx%2FtCXcxMh5THjEZ%2F6oAFgzk7qhcYESofAglMbiei6oP1g2%2Frjun9380S8cWErhGI41iAvGcUTf1MucU2%2FbCPanZSIWQTBg6H1QHfQyJTeZWz4nLk4g5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
79b5016a8bfcbbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i
Achaa.f3a14b0.svg
2m.ma/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://2m.ma/_nuxt/img/Achaa.f3a14b0.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
509667b7aa70dd067288fa173cb8b6623dac009fb394c7b28e4c0b61a0cd981d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 01 Jun 2022 13:56:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
20728515
etag
W/"996-1811f8d8faf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qa9whN%2FjnBBoZqkQlHn4OBiuqVNcY7fmkg%2BGfeXFSZ1wNz8SpM5xX7p7ag84FOs8GuJ9FNYDGFUDLoAFLOh0%2FasF1SCpULQTPsLJ5Skk4LURxPYxQvqKog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
79b5016a8bfebbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i
Asr.2210455.svg
2m.ma/_nuxt/img/
2 KB
1 KB
Image
General
Full URL
https://2m.ma/_nuxt/img/Asr.2210455.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e61d99c36f2231c90f3b761fb13497d5ffd46965f61befcb0928293ece44a881

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 Mar 2022 21:51:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
30273337
etag
W/"954-17f56eaac09"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eL2H9Itdz7BLnZhI7mBzWkIkFwiwY50URChnd%2BfsDytif0RTYr0CX2Kax1EkfZfR57U2YpOP4n1SdOo9ouj5OsJq1Xazk7vCgs3WZHW%2BhIyUA%2Fo6gBNYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
79b5016a8c00bbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=4,i
rum
2m.ma/cdn-cgi/
0
134 B
XHR
General
Full URL
https://2m.ma/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://2m.ma/ar/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type
application/json

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://2m.ma
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
79b5016aac35bbd9-FRA
settings
syndication.twitter.com/ Frame 5150
919 B
647 B
Fetch
General
Full URL
https://syndication.twitter.com/settings?session_id=a70f83e85e6ad4d2320dfc3992b2a7b60579b330
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2F2m.ma
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-response-time
112
date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Sat, 18 Feb 2023 07:21:22 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
0227515355958c85
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
a47b0d2144db1ba04be59da9fee0f9ca7bc56ced1a0382084b450b85c2a69c07
content-length
326
atrk.gif
certify.alexametrics.com/
0
0

x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/
0
48 B
Image
General
Full URL
https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:57e:7b02:a56d:b4ae:1d46:39b0 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
server
Server
clarity.js
www.clarity.ms/eus2-c/s/0.7.2/
56 KB
19 KB
Script
General
Full URL
https://www.clarity.ms/eus2-c/s/0.7.2/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9aa85s764a
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4f:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:21 GMT
content-encoding
br
last-modified
Wed, 01 Jun 2022 12:22:22 GMT
server
Microsoft-IIS/10.0
x-azure-ref-originshield
0X6LvYwAAAACFEX8z3eqLQq5VDi4MWHy0RlJBMjMxMDUwNDE3MDI3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"1d94267da8e041c"
x-azure-ref
0cnzwYwAAAABabsoQ1XOdQ6SPA4GjcEG3RlJBMzFFREdFMDQxMQA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
cache-control
public,max-age=86400
accept-ranges
bytes
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=4EE9A398E8404D4EB8A52D0B9FFE40EA&RedC=c.clarity.ms&MXFR=1FC52CCCD397600128883E70D7976E0A
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4EE9A398E8404D4EB8A52D0B9FFE40EA&MUID=3D30C7FFDE986857128AD543DFF369DB
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4EE9A398E8404D4EB8A52D0B9FFE40EA&MUID=3D30C7FFDE986857128AD543DFF369DB
Protocol
H2
Server
20.205.115.81 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:22 GMT
last-modified
Fri, 17 Feb 2023 00:56:25 GMT
server
Microsoft-IIS/10.0
etag
"625d0a86a42d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:22 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 14E2DA8817C64CBEBDD7EEF52D4D2544 Ref B: FRAEDGE1118 Ref C: 2023-02-18T07:21:23Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=4EE9A398E8404D4EB8A52D0B9FFE40EA&MUID=3D30C7FFDE986857128AD543DFF369DB
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sdk.js
connect.facebook.net/en_US/
301 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=52a5ee1c84bdf3eab155d121a376b28d
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
17ea7f95a459af11b59d128a97432007aa1397aff400c27675cc725196742b87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://2m.ma/
Origin
https://2m.ma
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 18 Feb 2023 07:21:22 GMT
content-md5
obe3RFuy/fpgbuJZ3PYsig==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87019
x-fb-rlafr
0
x-fb-debug
j4KxhxF/EXCfpuQAI2LVfgTaynqDfDw8X+Td4IsLGwZsJLKwkEF+xmMW0qm2ENyEViSMzAUwRaI/TY70j9B8Yw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
45becd237d58ac06709858f81f1e826d
cross-origin-opener-policy
same-origin-allow-popups
etag
"4d4b0e0ecf95d90daf579c54d0bff571"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Sun, 18 Feb 2024 03:21:04 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=743692125982251&ev=fb_page_view&dl=https%3A%2F%2F2m.ma%2Far%2F&rl=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&if=false&ts=1676704882580&sw=1600&sh=1200&at=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 18 Feb 2023 07:21:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=743692125982251&input_token&origin=1&redirect_uri=https%3A%2F%2F2m.ma%2Far%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=52a5ee1c84bdf3eab155d121a376b28d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Sat, 18 Feb 2023 07:21:22 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
7R1i1YHxGnuqNWHm32HHlGhojDRoXLAPa/yXWLCjHL9Z4t35x6Ta3MGorsTwurflodPoEjP2qqVTJMHO0nvegg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://2m.ma
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JXCE5J40DP&gtm=45je32f0&_p=1028088030&cid=685397713.1676704881&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676704882&sct=1&seg=0&dl=https%3A%2F%2F2m.ma%2Far%2F&dr=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&en=scroll&_fv=1&_ss=1&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JXCE5J40DP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
i.clarity.ms/
0
157 B
XHR
General
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.2/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
https://2m.ma
date
Sat, 18 Feb 2023 07:21:22 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
icone-telechargement.png
www.habous.gov.ma/horaire%20de%20priere/
3 KB
3 KB
Image
General
Full URL
https://www.habous.gov.ma/horaire%20de%20priere/icone-telechargement.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.178.93.105 Bayonne, France, ASN16276 (OVH, FR),
Reverse DNS
ns61232723.ip-51-178-93.eu
Software
/
Resource Hash
df924256ff0ea17d47ccf659775ffb98345e71ec06cc428a20b44127ad77d2ad
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
public
date
Sat, 18 Feb 2023 07:21:23 GMT
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 18 Feb 2023 07:20:01 GMT
etag
"63f07c21-bb3"
content-type
image/png
cache-control
max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
2995
expires
Sun, 18 Feb 2024 07:21:23 GMT
c0d12d1.js
2m.ma/_nuxt/
8 KB
3 KB
Script
General
Full URL
https://2m.ma/_nuxt/c0d12d1.js
Requested by
Host: 2m.ma
URL: https://2m.ma/_nuxt/fcdd942.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.20.14.136 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5fdb696018dcde1ae6a86e7ad8ee6a210c7df9f46f5eb3ca99356190dfb566

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/ar/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 20 Dec 2022 09:03:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5177529
etag
W/"1e64-1852ec639be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcMZntBMtYMruaUql0g7%2F5U4D9QbalXHOodtuAXNsopvXPo%2FptvbaJtBpE4%2FuA9xrMhDtMtI0WdFQCIQcRwKZj7hVcZtK43ojfcqBiS4DJag4eqGWE8mjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cf-ray
79b5016ccf6dbbd9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i=?0
OneSignalSDKStyles.css
onesignal.com/sdks/
82 KB
9 KB
Stylesheet
General
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:22 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains
age
1748
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
79b5016cc8e23a7f-FRA
access-control-allow-headers
OneSignal-Subscription-Id
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Mon, 20 Mar 2023 07:21:22 GMT
collect
i.clarity.ms/
0
48 B
XHR
General
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.2/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
https://2m.ma
date
Sat, 18 Feb 2023 07:21:23 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
json.gp
2m.ma/geo/
0
0

truncated
/
823 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b31b15b29d003faa6d463900bc21d6a14265f110748fbc6eab663df83e294caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/svg+xml
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1028088030&t=event&ni=1&_s=2&dl=https%3A%2F%2F2m.ma%2Far%2F&dr=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&ul=en-us&de=UTF-8&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=5tq04t&_u=aHBAAEABAAAAACAAI~&jid=&gjid=&cid=685397713.1676704881&tid=UA-16439051-2&_gid=2061385076.1676704882&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F9aa85s764a%2F7uenwf%2F5tq04t&z=1182948279
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Feb 2023 16:24:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53816
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
531 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=2m.ma
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=2m.ma
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
638 B
822 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2437167180245141&correlator=4443706782503320&eid=21065725%2C31071662&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fifs&iu_parts=6013939%2CHabillage&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=264445373&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1676704883299&lmt=1676704883&dlt=1676704881188&idt=676&adxs=800&adys=200&biw=1600&bih=1200&scr_x=0&scr_y=26&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F2m.ma%2Far%2F&ref=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&frm=20&vis=1&psz=1600x-1&msz=0x-1&fws=516&ohw=1600&ga_vid=685397713.1676704881&ga_sid=1676704883&ga_hid=1028088030&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e07f278cb6ca665d69b27cbce0d2fefafffc2a6753c59424cb3e87b676330eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
319
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://2m.ma
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
055076c8b26a4b8c28c8718a54e6e063c829026f187455aa69e9a58c37a06c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11149
x-xss-protection
0
container.html
1068e58d273be72f538636020ec3ce41.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0C7E
6 KB
3 KB
Document
General
Full URL
https://1068e58d273be72f538636020ec3ce41.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2m.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Feb 2023 07:21:23 GMT
expires
Sun, 18 Feb 2024 07:21:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
516 B
292 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2437167180245141&correlator=4443706782503320&eid=21065725%2C31071662&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fifs&iu_parts=6013939%2C970x90%2C250_AR&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=970x90%7C970x250&ifi=2&adks=530718237&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1676704883340&lmt=1676704883&dlt=1676704881188&idt=676&adxs=315&adys=188&biw=1600&bih=1200&scr_x=0&scr_y=26&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F2m.ma%2Far%2F&ref=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&frm=20&vis=1&psz=1296x0&msz=1272x0&fws=4&ohw=1296&ga_vid=685397713.1676704881&ga_sid=1676704883&ga_hid=1028088030&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17e15f85432c5f33851d9e028012355abc879c6a3a3f69973b7bdcda4f8dd29c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
262
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://2m.ma
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
44 KB
24 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2437167180245141&correlator=4443706782503320&eid=21065725%2C31071662&output=ldjh&gdfp_req=1&vrg=2023021401&ptt=17&impl=fifs&iu_parts=6013939%2C300x250%2C600_Desk&enc_prev_ius=%2F0%2F1%2F%2F2&prev_iu_szs=300x250&ifi=3&adks=3714804199&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1676704883353&lmt=1676704883&dlt=1676704881188&idt=676&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=26&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2F2m.ma%2Far%2F&ref=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=685397713.1676704881&ga_sid=1676704883&ga_hid=1028088030&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25cb91e2f767b24133837fe308a973154a1a5692173dfaf6ef73a3f624de58a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24355
x-xss-protection
0
google-lineitem-id
6217325477
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138421863552
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://2m.ma
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 07:21:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BEFA
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2m.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
40868
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Feb 2023 20:00:15 GMT
expires
Sat, 17 Feb 2024 20:00:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C7C3
783 B
968 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a203f52bca64db747dfb42b92138141f09468d55d933678e7105c47642f8bde8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lXopqgXcYZ1wDxowY0_pkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://2m.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-lXopqgXcYZ1wDxowY0_pkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Feb 2023 07:21:23 GMT
expires
Sat, 18 Feb 2023 07:21:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
googleads4.g.doubleclick.net/pcs/ Frame 06E0
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuAVOxWV_x6_XCIGE6IW61ix3PPNBmRmCJjr9LpuWWn4JmxeyPpoTdtmmqLiYC6V51l82aSWXNcH6fLrFt1_2X_7k4XbBWZj0XbwlZlRUB7pGSE-V2yPFpiZ4H0-vzbtDpPTat_fFKTui0Ck7yqWQfq_6Sj3-kx8P51m7GV4HBQLUMhuy6EuFYYERkJPSAhE5xlwvnqOlZYK_4KFeaj1XzeR8ami0zd_ngnRMpAs9sag_sOZVM8cB0KXy6uYTBxaDlJQaP_E3iQCaccu3wSU_-vUBoROUKwsgv3Ae73JkDPvPg_R9QRlJ8zytgh6p_VPaa2go8QSrUFH28Wz7jV4xSY_Cja406B2RyUeWIMFHh2Pjknk-E4N7HimNGXirgORwyP5zQ0&sai=AMfl-YTiNT30aJTgM_U6aM2ipjDOJGKRKH6qw3uS4pEl576cMYtBYj9ZveCeoFtEnZUg0_g7WFSwHM-OR3UT1vJ5cKgMrTSWndmY57sYYmcD8CozqX0mGT5SLjWEL7arUw&sig=Cg0ArKJSzI8aB5A6By5CEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: kellyclarksonkcn1.blogspot.com
URL: https://kellyclarksonkcn1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.180.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s34-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
moatad.js
z.moatads.com/initiativemaorangedcmdisplay546069294969/ Frame 06E0
307 KB
105 KB
Script
General
Full URL
https://z.moatads.com/initiativemaorangedcmdisplay546069294969/moatad.js
Requested by
Host: kellyclarksonkcn1.blogspot.com
URL: https://kellyclarksonkcn1.blogspot.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
44d5462eee3e8c74386ca596e5db17131f15204ec0ffa3eb2bb35aa34241229a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
content-encoding
gzip
last-modified
Mon, 06 Feb 2023 17:51:05 GMT
server
AmazonS3
x-amz-request-id
2HG724ZZRGD3BMDQ
etag
"2a354175b23559c6e7810790fd60641f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=58696
accept-ranges
bytes
content-length
107108
x-amz-id-2
9enwizVTiT8uo4CUJS5iFWO9pFKBBOUB141OR57lbl3lPiRp0pBe15zeSgfE7GHIJaB6rCNKlY0eafdAQ/Ctbg==
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 06E0
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: kellyclarksonkcn1.blogspot.com
URL: https://kellyclarksonkcn1.blogspot.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 05:21:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Feb 2024 05:21:49 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 06E0
156 KB
48 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48814
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676465787912926"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 18 Feb 2023 07:21:23 GMT
17016510739831071891
s0.2mdn.net/simgad/ Frame 06E0
49 KB
50 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/17016510739831071891
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2fa17c1e9adc2aee6c26bbfedefee9c16f3aaaf2e4bc51c7bf8315c008bef6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 16 Feb 2023 13:14:25 GMT
x-content-type-options
nosniff
age
151618
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50558
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 12:07:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Feb 2024 13:14:25 GMT
ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
pagead2.googlesyndication.com/bg/ Frame BEFA
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 20:21:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
39594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14306
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 20:21:29 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 39C9
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2m.ma/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
144690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Feb 2023 15:09:53 GMT
expires
Fri, 16 Feb 2024 15:09:53 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame C7C3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021401&jk=2437167180245141&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
pagead2.googlesyndication.com/bg/ Frame 39C9
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 17 Feb 2023 20:21:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
39594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14306
x-xss-protection
0
last-modified
Mon, 13 Feb 2023 15:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Feb 2024 20:21:29 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 06E0
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8rrw2Ef2R_6ujDUP9decTDuKZMAklWWkOqh6zhc-6ryc0DSsPe54nlN_RfutSH7kJcp-_Csz_5-_t1QhuosdRZSZCwSd4C-bRva1LGdN4hq02rGawnReQwHJQR_8OG6CBOJ1dXBEgy-V50-PQ62bNoUTGgoFUSCZHHdaJ3kl1DaZ2908rmbb3cPYWsA1EsC2nLFUZeeWMG-4WZKGiwMAkeIp0lSHv0aJ-UnPWK8vYfAZoznGdjmj8erx00llv37wiolTMQujsSpSnOPxYPU-ufwhxngp01ZO_--AZgjTYoxYsBrSu3leOvoPWPoIXNIE&sai=AMfl-YQJ25mUiBYtAaMxXxu3mwXBUJ9OT7KMdH28kQBAJfBK5marzCJTcHr0-ZmrPq5atKlX2248IQN9IEDo_jxfIlvKBdEquut7UFpams5R-OEBv0qBAdnuG_uKlKcg6A&sig=Cg0ArKJSzCz73ZYcvroaEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 18 Feb 2023 07:21:23 GMT
generate_204
tpc.googlesyndication.com/ Frame BEFA
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?XwHrAg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 18 Feb 2023 07:21:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=INITIATIVE_MA_ORANGE_DCM_DISPLAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com&t=1676704883753&de=450703115919&m=0&ar=ce5c79c19dc-clean&iw=416a93f&q=2&cb=0&ym=0&cu=1676704883753&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=29351453%3A5789521%3A358805126%3A186386459&zMoatMarket=MA&zMoatADV=9740281&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F2m.ma%2Far%2F&id=1&ii=4&bo=2m.ma&bd=2m.ma&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=initiativemaorangedcmdisplay546069294969&fd=1&it=500&ti=0&ih=2&pe=1%3A3206%3A3206%3A2429%3A2213&fs=202097&na=402841084&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 18 Feb 2023 07:21:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 39C9
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZREQc3zwY-vxFsaM9u8PhbiI0A4AAAAAOAHgBAI&bg=!KCulK3_NAAZYlHKzeJQ7ADkAdvg8WqDTyAOc_szZPYF_dN8yTX9MklOsj5XL-SHGV1gQa5SC42hR4YdLdAqLiwUCyaF3Hk2OBSoCAAABDlIAAAADaAEHCgCAyWK52-hkDJOwuC43owz6StOxqwuoJMTCIjQmwowM_dLeyqFwYjRvU6d94MTptI_2-6O9z_7Qh0f8D2oKzg_LbOVXundGtyeS0en6n1yOV8wIp622ZzsGAFwN85Jcj-IOJsh-eO7p8oIL0oe0u9lUVf591O69orQpRpbpwo5gkJ6ZArBhijo_bZok7X4uT0Qj6RQTrlq9DRXgDcn0gAZE1fTf7kHjfcISKqOnKGf_9FmZ8bDMdrr9rj61P7jW_RQEWKZ8QVKC1OO7Bf7sNhvrRDO6qtxB17-mheMTeQDy6NeJl6119ULnFVKMke7acTfF_Ux0wMogMryxivQixmYTf2UMsGolx-eEDNNt8pTAbUOs5zhDS1dDk0jt0u-EcsntyNQLm1eLJYBFloErPV0FZRAbQRn4-7Uj_26Aki2SzkC1sVL8PCKMTGJbx2uMljvTYIEPnxFuj6s5-6wcktjqEmDGTj4zSWM1Vg2bVxENCPHkJeC_4j8WwbKqwXmgGNuxQvJa3Z9yBBCc0Ekj4nS9QrbbsZHg9a04d3oMamZ6oYHWWw-6LGiJzhvjibDD4fZ-t0ollZ5wjbG3gZrtMSB4jzwKcdosJJjE3CS-mA2gX_zLkmND3sbdMPhxJvYAIhzVp1lLnxnj87sv4Qsz5FN4TGFN9DaEwMC3zWosub1lIkuQQdojZyywxFbA2wkM2eX1_czhLt21Em8ReewYX-P7O9LkfKwlQOG2n62kE0wJQG3HoRpA0ikmhIT9afZJ3CW6-Np4IxFWufGDoNHiw7WQJ9IAF-VgFpTRRECsTkOUGh-A0SCyeVdNPmsubsnjNiptYI3mf8ilqGcZ3uO9js1buavFI5kDuWMyZVz6q3v_Ac-waY3cWrbs3oxYivIx8VJgpovEuXq3SgZW-uHTWKO5O0wzTUSeCmINDMuvcEPL3Y29ArsvzAsENyTqqf9l_Vw-IFnNBp44gBS-j1rza_MAYMV_ugrhg401ZRh3ijwujGU00-dF8oqfVZ1t4jJPZQv-BCc80lul2wQWi4WXspLKr5SyvrmOSJppcSzChGSCjeWiFzKXY5R05ShM1TI88WRkJOtL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021401&jk=2437167180245141&bg=!xsWlxZHNAAZYlHKzeJQ7ADkAdvg8WmTcndUSn_9_x0DNcCZ2ZfnULUancLrxiPgPZY0W-KDf_PDJJglMRRTQS4Hw6IamTVtl-FUCAAAAuFIAAAADaAEHmQKRDe8xYnCkhudxOoBO6i25mPw4ReJ6ItdDMwHQnZITD1x5NyG0C1F8D7GzLoujmDBd1GYOwCS2VpsYSTBDQ7Aubh1F3nDOMlODs9xSpOStkuGGU2C1zJp67imDs-jeNyn7vUkoLj6Ufo_Ako53EBXJyeWtxhnyxLqTxANNDy5cXf22bLvOt26lQUE8J2eWsTdbr7EE4DRZqbuHx_FcIPxDtFIhSS_pbPD8HkdATEem_ho617Wyc386_n9sesdyxVUMO70dGrpg7f8xepKfwuHL-9XDQvRMoxDE-cZj-A6CcOnXorqCePC73Lvf2aH5nI8mJmTysFkx5QoPTYSJ_2GZZlPhTHLcdFebAoQpuTDHsNEjk-uEacrggeE3FIq1oMt8srYtOMVS6Y4iBt5zPXzw_LkNZ5VeloZPULTM_US9NbmQan6zRo3np9AjjkLxvOJxqkwGQBY48ttkFZY8-VYcrOpES1M9hPx-0RqBSgNGx16jK9sOIFIJhrxJS9LCZBnXUmP6pReW7Ues5xMw-4Pj540gPCGa-wQHQYmDky65RCOg9aJnET1TPKVY9eR_W8eI_tAp50ilwoLXwNp72Ed5GR6F0wh6v0s2E4ypqEOTNHydnK7DJZybttgCk9RRIyZ1cxz2V2AgTzRgfSbMdfwqXypIC3msarbURV9KNWTVnvkY3AwqUVPbefJi2pwN0AfOHfH9Mh1keBh3wv-IhEbIXA7xCsmUhavNNKm7DrI6N2PdmvYTWSvSdextUz--spX9k_boGA4ughV7kNctjsJSbZ2eGJkfnxZmiN-mQv9ZlK0ImxZOm55yMV_PpHV46vO7AwsfWOTVscN26AB-RQTFXGLusoF5zEeZYALCmGPf1HDq
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

collect
i.clarity.ms/
0
48 B
XHR
General
Full URL
https://i.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-c/s/0.7.2/clarity.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.167.85.21 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://2m.ma/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin
https://2m.ma
date
Sat, 18 Feb 2023 07:21:24 GMT
access-control-allow-credentials
true
server
Microsoft-IIS/10.0
vary
Origin
request-context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G6GJSC0FFM&gtm=45je32f0&_p=1028088030&cid=685397713.1676704881&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1676704881&sct=1&seg=0&dl=https%3A%2F%2F2m.ma%2Far%2F&dr=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&en=scroll&epn.percent_scrolled=90&_et=6
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://2m.ma
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=11&i=INITIATIVE_MA_ORANGE_DCM_DISPLAY1&hp=1&wf=1&ra=1&pxm=4&sgs=3&vb=3&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&k=&bq=0&f=0&j=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com&t=1676704883753&de=450703115919&m=0&ar=ce5c79c19dc-clean&iw=416a93f&q=3&cb=0&ym=0&cu=1676704883753&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=29351453%3A5789521%3A358805126%3A186386459&zMoatMarket=MA&zMoatADV=9740281&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F2m.ma%2Far%2F&id=1&ii=4&bo=2m.ma&bd=2m.ma&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&gw=initiativemaorangedcmdisplay546069294969&fd=1&it=500&ti=0&ih=2&pe=1%3A3206%3A3206%3A2429%3A2213&fs=202097&na=159535069&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.37.133 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-37-133.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2m.ma/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Feb 2023 07:21:33 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Sat, 18 Feb 2023 07:21:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
certify.alexametrics.com
URL
https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&time=1676704882414&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&host_url=https%3A%2F%2F2m.ma%2Far%2F&random_number=17937375409&sess_cookie=98ee08f618663661eede6791d0f&sess_cookie_flag=1&user_cookie=98ee08f618663661eede6791d0f&user_cookie_flag=1&dynamic=true&domain=2m.ma&account=EoMPn1QolK10mh&jsv=20130128&user_lang=en-US
Domain
2m.ma
URL
https://2m.ma/geo/json.gp?ip=146.70.117.79

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 boolean| credentialless object| oncontentvisibilityautostatechange object| Eager object| CloudflareApps string| GoogleAnalyticsObject function| ga object| __cfQR object| __cfBeacon object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| googletagSetup object| googletag object| ggeac boolean| google_plmetrics object| google_js_reporting_queue undefined| google_measure_js_timing object| google_tag_manager object| dataLayer object| __twttrll object| twttr object| __twttr function| gtag function| onYouTubeIframeAPIReady function| clarity function| OneSignal object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent object| sas boolean| sas_usePostStandard boolean| sas_blockAddtlConsent object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA number| intervalCounterNumberGPP object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| sas_renderMode object| _atrk_opts object| __NUXT__ number| __oneSignalSdkLoadCount object| AMP boolean| __cfRLUnblockHandlers object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| vttjs function| WebVTT function| Hammer function| _ object| $nuxt function| fbAsyncInit function| __jp0 function| atrk boolean| _atrk_fired object| FB number| uidEvent object| __buffer object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 object| google_image_requests

23 Cookies

Domain/Path Name / Value
malhomkhoua.com/ Name: PHPSESSID
Value: 50e68b31863b317f04d2855816619dbb
.2m.ma/ Name: _gid
Value: GA1.2.2061385076.1676704882
.2m.ma/ Name: _gat
Value: 1
.2m.ma/ Name: _ga
Value: GA1.1.685397713.1676704881
.2m.ma/ Name: _ga_G6GJSC0FFM
Value: GS1.1.1676704881.1.0.1676704881.0.0.0
www.clarity.ms/ Name: CLID
Value: 4cf883815cea4b67b05afd246106eb7a.20230218.20240218
.2m.ma/ Name: __asc
Value: 98ee08f618663661eede6791d0f
.2m.ma/ Name: __auc
Value: 98ee08f618663661eede6791d0f
.2m.ma/ Name: _clck
Value: 7uenwf|1|f98|0
2m.ma/ Name: cf_use_ob
Value: 0
.2m.ma/ Name: _ga_JXCE5J40DP
Value: GS1.1.1676704882.1.0.1676704882.0.0.0
2m.ma/ Name: cookiesession1
Value: 678B2871B06D6A60ED0F4F52E0A8375A
.2m.ma/ Name: _clsk
Value: 5tq04t|1676704883011|1|1|i.clarity.ms/collect
.bing.com/ Name: MUID
Value: 3D30C7FFDE986857128AD543DFF369DB
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3D30C7FFDE986857128AD543DFF369DB
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3D30C7FFDE986857128AD543DFF369DB
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.doubleclick.net/ Name: IDE
Value: AHWqTUlSRABHeZ5TghrgDJFMYsWct0k3WpWvH3yfMCifGQx_1ytxkLO_koNd9OYQyMI
.2m.ma/ Name: __gads
Value: ID=1f6ed6be61595e2a:T=1676704883:S=ALNI_MZbZjHHekBjrlQpZnu5rvYlEym2zw
.2m.ma/ Name: __gpi
Value: UID=00000bb8c32fa551:T=1676704883:RT=1676704883:S=ALNI_MYGHcsWD1ue2C2pO-jmlLtlwYVzVw

24 Console Messages

Source Level URL
Text
javascript error URL: https://2m.ma/_nuxt/e761ebb.js(Line 1)
Message:
Refused to set unsafe header "sec-ch-ua"
javascript error URL: https://2m.ma/_nuxt/e761ebb.js(Line 1)
Message:
Refused to set unsafe header "sec-ch-ua-mobile"
javascript error URL: https://2m.ma/_nuxt/e761ebb.js(Line 1)
Message:
Refused to set unsafe header "sec-ch-ua-platform"
javascript error URL: https://2m.ma/_nuxt/e761ebb.js(Line 1)
Message:
Refused to set unsafe header "sec-fetch-dest"
javascript error URL: https://2m.ma/_nuxt/e761ebb.js(Line 1)
Message:
Refused to set unsafe header "sec-fetch-mode"
javascript error URL: https://2m.ma/_nuxt/e761ebb.js(Line 1)
Message:
Refused to set unsafe header "sec-fetch-site"
javascript error URL: https://2m.ma/_nuxt/e761ebb.js(Line 1)
Message:
Refused to set unsafe header "cookie"
javascript error URL: https://2m.ma/_nuxt/e761ebb.js(Line 1)
Message:
Refused to set unsafe header "Referer"
network error URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&time=1676704882414&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=https%3A%2F%2Fkellyclarksonkcn1.blogspot.com%2F&host_url=https%3A%2F%2F2m.ma%2Far%2F&random_number=17937375409&sess_cookie=98ee08f618663661eede6791d0f&sess_cookie_flag=1&user_cookie=98ee08f618663661eede6791d0f&user_cookie_flag=1&dynamic=true&domain=2m.ma&account=EoMPn1QolK10mh&jsv=20130128&user_lang=en-US
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://2m.ma/api/get-iframe
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getHotTopics
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getSliderSection
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getDossierSpecial
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getListEmissions
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/mostViewed
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getSectionUne
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getmastertags
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/articlesrecent-paginated/0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/grille/list
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/articlesrecent
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getListJT
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getmastertags
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getLiveSection
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://2m.ma/api/getBreakingNews
Message:
Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1068e58d273be72f538636020ec3ce41.safeframe.googlesyndication.com
2m.ma
adservice.google.com
adservice.google.de
c.bing.com
c.clarity.ms
cdn.ampproject.org
cdn.onesignal.com
ced.sascdn.com
certify-js.alexametrics.com
certify.alexametrics.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads4.g.doubleclick.net
i.clarity.ms
id5-sync.com
imasdk.googleapis.com
kellyclarksonkcn1.blogspot.com
malhomkhoua.com
onesignal.com
pagead2.googlesyndication.com
platform.twitter.com
px.moatads.com
r.sascdn.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
s0.2mdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
stats.g.doubleclick.net
syndication.twitter.com
tpc.googlesyndication.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.habous.gov.ma
z.moatads.com
2m.ma
certify.alexametrics.com
104.20.14.136
104.244.42.72
108.138.17.48
142.250.180.226
162.19.138.119
2.18.37.133
2.18.79.142
20.205.115.81
2001:4860:4802:32::36
2600:1f13:57e:7b02:a56d:b4ae:1d46:39b0
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700::6810:3965
2606:4700::6812:d63b
2620:1ec:4f:1::45
2620:1ec:c11::200
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2008
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400d:804::2001
2a00:1450:400d:805::200a
2a00:1450:400d:806::2003
2a00:1450:400d:80a::2006
2a00:1450:400d:80a::200e
2a00:1450:400d:80c::2001
2a00:1450:400d:80d::2004
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
5.196.111.64
51.178.93.105
52.167.85.21
69.163.198.49
0140437ec6cb29bc6ac6f8505f05f11603a430298e48c1ea483f7de390ba34a9
0361961e7f70710ed9bbace05f9df029fbef3c50ae2b5d09b4f846047de6b6ea
055076c8b26a4b8c28c8718a54e6e063c829026f187455aa69e9a58c37a06c43
08796af5032a95b13e97b480698b016e6ed374232c4c6337b513f8065115841e
0de668ffbb871116cb13791b38a6816ba4949167ea2752a49ec67fee8e739d6e
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138364753b8d31982576a0a268036891460813f57097fe4dc87272d9d8ef83d6
17c45f18bd6cfd29070e517a30e356bc7da0f32b3666751254ab776ed92bc800
17e15f85432c5f33851d9e028012355abc879c6a3a3f69973b7bdcda4f8dd29c
17ea7f95a459af11b59d128a97432007aa1397aff400c27675cc725196742b87
19297d0d24ad777c2059c8aa8f247d2623ed4416bebc5d283bcc6c7f579e1dbc
1cb444a951825c6214bcc489545961c49dfadb4c0cc01b3f399aea3efd9192d8
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
201d4e3abf8746820d279061cb6d27c41549e62bea3bdd5d8c97f4030d6e1b42
25cb91e2f767b24133837fe308a973154a1a5692173dfaf6ef73a3f624de58a3
26b9b25b29f72e001eada0bd71c686a53a67804171383def492ea8c7fc36e258
28408c328d2ca123c9deeafcb35c7347162f701cb3390138f14dec1d45aae1fb
2a92ea12d9a962a7dabc765f17bb662a6911774ed46c67fc7cc8d1de081e66fa
328cc866bbd43a73f3742f59aca4df9e04bf14354d8847461f6641279326de63
35a84f47e05bda3d13c3f610bd344e26e11980512761e296e4c97383023a2204
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3ae88f57f0348d9b11258f88926e791d4dc8dc66b365d8aca36cb731257b7fc0
3afed2aacf8c0517f09305021b17928f6c859b61417544fa69ea1a12430ebafd
3c3af293c92bffe2f5f6f31753be6de274bf677ee5c4de05428cf394d63d4941
3fac421f0e04198b535d169a2139f300c72b7aaa2cd81aec3c4fd93f270b3c92
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
44645e0a17242e9cb5cbcdee27d339fed36cf5ed604398b0809d9810f8c14b8d
44d5462eee3e8c74386ca596e5db17131f15204ec0ffa3eb2bb35aa34241229a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4e07f278cb6ca665d69b27cbce0d2fefafffc2a6753c59424cb3e87b676330eb
4f643d8884f06e54b6226221a074778f150559e47cea98a66558e7069dfb3711
5012529136a5f0aaca92da7340a22e6da887595ce48dcaac26e490fe9706d0ea
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509667b7aa70dd067288fa173cb8b6623dac009fb394c7b28e4c0b61a0cd981d
52a2de38a98b958dd6355e62686e814f62bfbab13fb3f9322cae3e6dc734890d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569f0615d7b0e6cb50dcf3ea74ce5eaddd77fa8de79d5953db9738b36806f4df
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ccb2741858c86750bae3cfd18f6f2ff87f9bfe0808acb1a4d3676f17cbdef4
6b021b8d2cebe6a4d6fe9f985b211641bd6f783758135c7a31bac56ac474218d
6c0cb57b800559bcf53c0118f1e36e00ffacec365ee6e61331377e20206609b1
754fd98d3054bdb1ab20e0c5056e125b2ddc0f14992c2e8fbb12b5a0cd212d03
781b23bdb387966d207c9577baa224504673818fce48c771d9cf2d5ca2e8dcb3
7fa38979b260b8046863afde7f5ed8c57cb43513b46129c1c33464d34ea6085b
805aefa720deee7c1a388e961fb631be6cc7ea35fddce6295d75fd1d2a9e1715
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ec4d46a42112e855a36f2f59b40897451ad769a6ae92385f1dacf467dfc9c1
852711ee8cd6e8c26f1f29118fa19e029e260980f3db7fd4979a7e070a58f8a2
8828e2be0050751407f6cc852478b1b9950cc4b4ea982c019d288f6a842645ae
90f3ce50d631813354e1c8a436547ec3cea62fcdf685119e0b8f7693902dc69c
94dcd3d970de1521446a302eb1e99c6d13f22493b9c90a477b13a49046ce586e
96a363cc28dc48cd1b13ec5a201056ae53b3fc5265d0f43c7e91ee2afd041d2d
9741dd4c010517a7b54a621e8af7c0639149b16f9a5970288e0012e76b7559ab
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
987be6f0e092cb97f4e2218d5035a0f05bf4e25db73992e236ca4b449ee22758
99a4f2a0204fba9482eff0593850b915f6dd2244eb824477be07e4ae085eb1b9
99b523edd72385876c466fc061393829b08dec3aa544963373b22a08fb97784f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4100482ef01d58945b592343830638ff208b8930d31c59eb936598dd92e21c
9df1486c30794a66038424122c0610a2c0af663fc839fc72caff730a7742d23d
9ede93636a8abc463364f9352de0b0e7d53396aa027c22ed278c042ed3ed8623
9efa7519fa43bce81efcb0f8546be490d37b3c6a3ec0075a043eef7e6c174c80
a203f52bca64db747dfb42b92138141f09468d55d933678e7105c47642f8bde8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60a65a52594c2ee976d3373d07164a273e38e177d2b31083205bf16ceab7473
a85af52452417453ae5ced98aa54a149925de2155e823234dce588c331d11aa0
aec1273daa6df2443053427acbd188f229d60ed9d83ef9bccba3f8a8f21fc3dc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b
b31b15b29d003faa6d463900bc21d6a14265f110748fbc6eab663df83e294caf
b31b22e83cb30293ea55004b334beff2b7ffd4af4fafe99b84ed0a44a9732833
b3565ea346e63fda91cc67ba8fc11e95b7482d5873a4f4c6a47c4185b772d9a1
ba257ab6608042d4589dfce1ff28a7a2f76f40696736bc7feb44a886506dc2e6
c1379f85917577d7d979cce41045b8a7f6af28559899a87f0da13c809df772f6
c2fa17c1e9adc2aee6c26bbfedefee9c16f3aaaf2e4bc51c7bf8315c008bef6a
c842f82ce2736e2a09f091c9caf793577e926529edc5ceace55a2c8431cd0d19
c97b961169cacf48bca2ba8ea10e797953b4691583c3b8fd53f4acc08b69f0c7
ca078a47ab231ffad9ce0ce64a650d66065ca7863954ea32bbdf8115e94d04a9
cb5fdb696018dcde1ae6a86e7ad8ee6a210c7df9f46f5eb3ca99356190dfb566
cb7dadfee42703d011a9e651d5a3c15b415a1662aa3ed43f3358fb05d2c72b9e
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd85da9508541520503cad02a17e8d3ade1c79b808b2bd11dc0a5d3368c0c381
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d02fb496d513c66cfbb7b8550861f921d8a52222f7bfac26c30435bd81f3fb23
d2c4e0c25f8905ca07310555c6912ec856554b65c8d22fd01ccdf684f2020142
d49c1aadeb209f9d35412088af5b253c466235ff08fed6903388f5fd635c732d
d94cffb6c23f13d19fb5be28d65e892e414ffbfa9877ac946688fc0c8614a01b
da9069c8373f02b09222a859b34318894099610b104d260af185a66b40a131c7
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b
df924256ff0ea17d47ccf659775ffb98345e71ec06cc428a20b44127ad77d2ad
dffe7d16ad8a596271f7e615fb9790fb5657db671c445edf775601e87690edef
e1108edbbc7535a107cc9f3d4f6de1e5178f7d296ee870007ec2126de8c51347
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fe10eae3495c57a3e02ebb4e30efb2f2e7c03ca292dfc6274d1d14fa2baa8b
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e61d99c36f2231c90f3b761fb13497d5ffd46965f61befcb0928293ece44a881
e6cdc31421453d1955b884275c715c5f13f78ea5da02cfb696dbd816d1e8ff63
ee80cf3b15ea6f7dd08ba1b6bbb065994092b94415845536e0db3476ea80fad4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f67077d8268ccafcca51f8470505bc37be21930b793b147c1ccb67a1e915818a
f6c2fe21a0cdfa248b8ea2419e50c1214c7addd6a91a1ff884011becb1cf9447
f87e83d40bb6703b256521c7a9d281dca6a8c5602876dbf13953b9887e61026d
f8a861b8d6ba109b0595502cd595b1b7e7ab6cc78ac7f7777414b1201618cea7
ff0c1645de02e1a078633f5a43339f7ce8fe75e9f0bce5549779d83cc42acd15
ffdfc591d8628204b0fdbf242ea0a460fb9de5d7201b700e2d5a026759dbd63d