Report - verifytounlockacc.servehttp.com/2b9d144e1a66a45/login.php

Report Overview

URL

verifytounlockacc.servehttp.com/2b9d144e1a66a45/login.php
IP

174.138.26.216

ASN

#14061 DIGITALOCEAN-ASN
Submitted

2023-06-03T16:25:46Z

Access

public
Tags

dyndns
urlquery detections

Suspicious - DynDNS domain

Detections

urlquery

2
Network Intrusion Detection

4
Threat Detection Systems

0

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
verifytounlockacc.servehttp.com (1)	unknown	No data	No data	513	395	174.138.26.216
2m.ma (67)	1634	2012-08-03 14:59:43	2023-06-02 22:05:04	30465	11413224	104.20.13.136
fonts.googleapis.com (1)	8877	2013-06-10 22:14:26	2023-06-02 22:31:04	477	1927	142.250.74.74
cdn.onesignal.com (1)	3015	2015-04-22 15:41:50	2023-06-02 18:12:07	404	4156	104.18.214.59
s.infogram.com (2)	24795	2017-08-15 13:40:00	2023-06-02 22:05:12	827	9324	34.251.205.104
ocsp.pki.goog (3)	175	2018-07-01 08:43:07	2023-06-02 18:12:05	999	2098	142.250.74.131
imasdk.googleapis.com (1)	11661	2014-10-30 18:42:18	2023-06-03 01:12:54	408	122990	142.250.74.170
static.cloudflareinsights.com (1)	1294	2019-09-24 16:34:56	2023-06-02 18:22:53	476	11572	104.16.56.101
ocsp.r2m02.amazontrust.com (5)	unknown	2022-10-12 16:01:39	2023-06-02 21:12:29	1700	4707	54.230.80.227
ocsp.r2m01.amazontrust.com (1)	unknown	2022-10-12 22:43:53	2023-06-02 21:38:54	340	942	54.230.80.227
fonts.gstatic.com (4)	unknown	2014-09-09 02:40:21	2023-06-03 00:31:03	2102	40997	142.250.74.35
2msoread-ww.amagi.tv (122)	unknown	2022-05-30 19:16:32	2023-06-03 01:17:10	58326	88817525	54.230.111.73
cdn.jifo.co (4)	23525	2017-02-20 14:56:02	2023-06-02 22:05:12	1743	2230770	104.26.6.6
infogram.com (3)	22028	2015-07-03 22:19:26	2020-06-15 12:08:32	1453	3410500	34.251.205.104
gfonts.jifo.co (14)	unknown	2022-11-01 13:25:32	2023-06-02 22:05:13	7308	470338	104.26.6.6
branding.jifo.co (4)	50679	2019-09-06 12:22:21	2023-06-03 01:17:26	1956	50879	104.26.6.6
images.jifo.co (2)	36072	2020-01-15 16:11:35	2023-06-02 22:05:14	836	58712	104.26.6.6
cdn.ampproject.org (1)	329	2015-10-09 06:27:01	2023-06-02 18:12:10	410	113771	216.58.207.193
www.googletagmanager.com (3)	75	2013-05-22 04:07:37	2023-06-02 19:28:07	1243	290945	142.250.74.72
www.habous.gov.ma (1)	unknown	2012-10-19 20:37:33	2023-06-02 22:05:10	453	0	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-03T16:25:13Z	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.servehttp .com
2023-06-03T16:25:13Z	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.servehttp .com
2023-06-03T16:25:13Z	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.servehttp .com
2023-06-03T16:25:13Z	medium	Client IP	Internal IP	ET POLICY DNS Query to DynDNS Domain *.servehttp .com

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (241)

URL IP Response Size

verifytounlockacc.servehttp.com/2b9d144e1a66a45/login.php

174.138.26.216

302 Found

URL User Request GET HTTP/1.1

verifytounlockacc.servehttp.com/2b9d144e1a66a45/login.php
IP

174.138.26.216:443
ASN

#14061 DIGITALOCEAN-ASN

Certificate

IssuercPanel, Inc.

Subjectverifytounlockacc.servehttp.com

Fingerprint2D:41:36:31:70:8E:01:4B:E0:46:A5:61:29:FD:CD:C3:5F:1B:57:13

ValiditySat, 03 Jun 2023 00:00:00 GMT - Fri, 01 Sep 2023 23:59:59 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain

HTTP Headers

                                        GET /2b9d144e1a66a45/login.php HTTP/1.1
Host: verifytounlockacc.servehttp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 302 Found
Date: Sat, 03 Jun 2023 16:25:14 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=aaa5afe03fcc26b63a438f55ee19edee; path=/
Location: http://2m.ma
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

2m.ma/

104.20.13.136

302 Found

URL User Request GET HTTP/2

2m.ma/
IP

104.20.13.136:443
ASN

#13335 CLOUDFLARENET

Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Jun 2023 16:25:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 03 Jun 2023 17:25:16 GMT
Location: https://2m.ma/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uz3eVDFJamuLKWzP4I1UI9hMMNelVgTelW96HHqKsxXC782dFzDkITiOWqylzEz5iax8yjQ5XA%2BAX%2Bb%2B2P97gVz8SXi4KFLy%2BAX3TDSf7wwgEMR7BpwwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d194a838b1f1c12-OSL
alt-svc: h2=":443"; ma=60

2m.ma/_nuxt/40651e2.js

104.20.14.136

200 OK

2258

URL GET HTTP/3

2m.ma/_nuxt/40651e2.js
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (3486), with no line terminators

Size

2258
Hash

71858746573502fe54dcac02cc63cea2

b6c596f41e74fbdd16f3d442a03fe0b5ad783d08

168de0514296b5196af7712e92363e01adf2e2646f4b5148e56be1d533bb2b6a

HTTP Headers

                                        GET /_nuxt/40651e2.js HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sat, 03 Jun 2023 16:25:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 26 Apr 2023 16:37:19 GMT
etag: W/"d9e-187be6d30df"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3279953
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lB1kOcJpWTudwoJ5k%2Fmv6Obw7TBBgjTCWiGOvloT6Fp6gdkj0AO4neHxwJLdpsmNmPAbEwgcrD8g6QCJlcwOIqj%2BfqgUtVWRbO2kxTKyUPbUr9J3d1W1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d194a874b951bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap

142.250.74.74

200 OK

1297

URL GET HTTP/2

fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
IP

142.250.74.74:443
ASN

#15169 GOOGLE

Requested by

https://2m.ma/ar/
Certificate

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

gzip compressed data, max compression\012- data

Size

1297
Hash

897f82fa085fd462df84690fa5a297d5

269fd478a276edaf551064533c757dbad9992c7c

5fbb84d679c753b5981dfaa6668182aa23f9f3c43ae60dc69f30773896e34cf6

HTTP Headers

                                        GET /css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Jun 2023 16:25:16 GMT
date: Sat, 03 Jun 2023 16:25:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

a00f3dc75fd1587d3d2e84493ab8e680

c2e3fc5223bae816093bc5c4ac3f74fc4df0d23f

9a3d5ca383a6c93226435ab009b60b0676e777e84d821e2305534c13f630e68d

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 16:25:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

0c2c7b69894efc120cd8bab945a227b2

11800be962b5b0cf260591d3c55113d217cbfa3b

61fdd82d5869d4eb3e250031c6a63be89e282cfdc50e3a7f04de1e6ba17044f9

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 16:25:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

2m.ma/_nuxt/9f9d9b9.js

104.20.14.136

200 OK

48565

URL GET HTTP/3

2m.ma/_nuxt/9f9d9b9.js
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

Unicode text, UTF-8 text, with very long lines (63510), with no line terminators

Size

48565
Hash

31f6f2430021125130cdad70096622f6

a4ba52f4cd90178aed62bab1558030b567942425

7a497826b620821eebaee33dbc76b22c353b2f7e0bb9b5987f7a405a15c9a083

HTTP Headers

                                        GET /_nuxt/9f9d9b9.js HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sat, 03 Jun 2023 16:25:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 26 Apr 2023 16:37:19 GMT
etag: W/"10de7-187be6d30cf"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3279953
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qeh6OhJPSnO1cnYSH851ij0hZfm4FijzMC8Rr7LSfYPTMx0BxErEboYoxu%2BGauMdwqxVPKZoIQ9QOv3CmxhWrpFufB5KjYObc9a8zBMib9z%2BDEeiQjA%2FfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d194a875b9e1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

imasdk.googleapis.com/js/sdkloader/ima3.js

142.250.74.170

200 OK

122262

URL GET HTTP/2

imasdk.googleapis.com/js/sdkloader/ima3.js
IP

142.250.74.170:443
ASN

#15169 GOOGLE

Requested by

https://2m.ma/ar/
Certificate

IssuerGoogle Trust Services LLC

Subjectupload.video.google.com

Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

ASCII text, with very long lines (2675)

Size

122262
Hash

1efe6b20939d6b966f7591d955aab876

f07d1a94f36d5f7be8fac946c833947e7154f701

d1f7d57c54a2f168df796106063e89d2c6dc208ceeb2fca5257ed9297ec2bf88

HTTP Headers

                                        GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 122262
date: Sat, 03 Jun 2023 16:25:17 GMT
expires: Sat, 03 Jun 2023 16:25:17 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

2m.ma/_nuxt/1edf515.js

104.20.14.136

200 OK

35691

URL GET HTTP/3

2m.ma/_nuxt/1edf515.js
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

Unicode text, UTF-8 text, with very long lines (65504), with no line terminators

Size

35691
Hash

7149830345fbe95eecd8ce2e6521427e

70871cae721645f7d185c89552e3e1e47348f949

22cba971c434a4b0609536f7df5d8b2b0673ca17f7a42efdffcdc7f2ca483f6e

HTTP Headers

                                        GET /_nuxt/1edf515.js HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sat, 03 Jun 2023 16:25:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Sun, 16 Apr 2023 15:03:02 GMT
etag: W/"19069-1878a9745d2"
vary: Accept-Encoding
cf-cache-status: HIT
age: 4151861
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gf0Ub5a7KLEXW9G%2Blma%2F%2Fw5H3tHP%2BxO%2BVXIsB%2BR6j2vdsjNSo1taHA%2FHY72%2BJJiFf1tsUFEQ7ujDGHWNFNAP9DHWXd1NxaVNKRddfjpKzouKACYkmdw5UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d194a875ba21bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2m.ma/_nuxt/4ca321b.js

104.20.14.136

200 OK

27138

URL GET HTTP/3

2m.ma/_nuxt/4ca321b.js
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

Unicode text, UTF-8 text, with very long lines (65289)

Size

27138
Hash

fac557da1af29c46f64c86f22a5556cf

7a1e60e8b4782cc8b4a23a2b93639babdb590aad

42ce25a6c970b32fd17d3ede083f4bca2ba9068b3e9fdfb68f6e01f603a89474

HTTP Headers

                                        GET /_nuxt/4ca321b.js HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sat, 03 Jun 2023 16:25:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 26 Apr 2023 16:37:19 GMT
etag: W/"12413-187be6d30c3"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3279953
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93%2ByU%2FiSq9qdf2frSxJ3Eh%2BL7SShQHJNKgg3cVsxIgGz%2BlMe53E9ZKw0K891wPxZvJcy%2FKEuk%2FnEdil1vbdQSdFqfZnkfmKfQwMkam3HzZr4Z44qLCALaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d194a875ba51bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM

142.250.74.72

200 OK

80480

URL GET HTTP/2

www.googletagmanager.com/gtag/js?id=G-G6GJSC0FFM
IP

142.250.74.72:443
ASN

#15169 GOOGLE

Requested by

https://2m.ma/ar/
Certificate

IssuerGoogle Trust Services LLC

Subject*.google-analytics.com

Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C

ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

Magic

ASCII text, with very long lines (3288)

Size

80480
Hash

132b92f803953ed77ecc39eb0abf38b6

166ba9967a725e5524049550ae139b73bfb7d0b5

3918f1863541872fcec66941842582d138415eed1bfae25d5e8fe3c9ae8af678

HTTP Headers

                                        GET /gtag/js?id=G-G6GJSC0FFM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Jun 2023 16:25:17 GMT
expires: Sat, 03 Jun 2023 16:25:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80480
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2

142.250.74.35

200 OK

10256

URL GET HTTP/2

fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2
IP

142.250.74.35:443
ASN

#15169 GOOGLE

Requested by

https://2m.ma/ar/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 10256, version 1.0\012- data

Size

10256
Hash

f18eb7346bae415c6367ed0907125227

a9e8e937c5afc2f9feb46bfcb8fa854728a494a8

b081f7bf790678b56a2c0502651d6873cbabc09e78fe40655df15f918b1e369b

HTTP Headers

                                        GET /s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2m.ma
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:20:04 GMT
expires: Thu, 30 May 2024 00:20:04 GMT
cache-control: public, max-age=31536000
age: 317113
last-modified: Wed, 27 Apr 2022 16:06:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471

URL

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

0c2c7b69894efc120cd8bab945a227b2

11800be962b5b0cf260591d3c55113d217cbfa3b

61fdd82d5869d4eb3e250031c6a63be89e282cfdc50e3a7f04de1e6ba17044f9

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Jun 2023 16:25:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

2m.ma/_nuxt/icons/icon_512x512.e53428.png

104.20.14.136

200 OK

32889

URL GET HTTP/3

2m.ma/_nuxt/icons/icon_512x512.e53428.png
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data

Size

32889
Hash

b38cde185b4c0a4d5c79c1ed8758e3d8

7471f2f7bb53e16d29c82378f2a18e076aed46f9

25ce3394801b8eafcccab023be475525d91718dd7c3b70c122a14d27b26a13f7

HTTP Headers

                                        GET /_nuxt/icons/icon_512x512.e53428.png HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sat, 03 Jun 2023 16:25:17 GMT
content-type: image/png
content-length: 32889
cache-control: public, max-age=31536000
last-modified: Wed, 10 May 2023 14:17:18 GMT
etag: W/"8079-188060605f9"
cf-cache-status: HIT
age: 769839
accept-ranges: bytes
priority: u=4,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ub%2FT5o4%2FAJiJdAUYcoUO8f1GYarqXs%2FDoZd1VloFiCDHI8bZAtLyx%2BQNX6ZkFUmQGBXkudD%2F%2FpbeCNXJs%2FZoWDgvHM1a70G3ihyTOJ2cW73GfbSzXWDVdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d194a8ba84e1bfe-OSL
alt-svc: h3=":443"; ma=86400

cdn.onesignal.com/sdks/OneSignalSDK.js

104.18.214.59

200 OK

3359

URL GET HTTP/2

cdn.onesignal.com/sdks/OneSignalSDK.js
IP

104.18.214.59:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint68:AF:AC:17:CA:79:7A:8F:ED:F8:D8:57:93:79:CA:FB:69:50:9B:19

ValidityWed, 03 May 2023 00:00:00 GMT - Thu, 02 May 2024 23:59:59 GMT

Magic

ASCII text, with very long lines (9163)

Size

3359
Hash

06f50014011c1fcd9e21b6b0481979de

3abc04cc0a3ee2e844f2b8bb6e50baa451882aa0

194addf8fd862999286b33cf83116babe8c700ba3a28111777f49ca72c429970

HTTP Headers

                                        GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sat, 03 Jun 2023 16:25:17 GMT
content-type: application/javascript
etag: W/"06f50014011c1fcd9e21b6b0481979de"
access-control-allow-headers: OneSignal-Subscription-Id
via: 1.1 google
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1867
expires: Tue, 06 Jun 2023 16:25:17 GMT
cache-control: public, max-age=259200
set-cookie: __cf_bm=GEiuRUL26_Y52CKTfz4d95Up4rFQkvHNHM_UTRgQ1_U-1685809517-0-ASClS2VXRqktQBFL4Ngrxf6u1IiiPokXi10We0g09hUKHuNHJOmfhx+OlfHO2kQrtBCjIg2Rkg5Z0fItI1w8+vA=; path=/; expires=Sat, 03-Jun-23 16:55:17 GMT; domain=.onesignal.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 7d194a893c8c0afa-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-JXCE5J40DP&l=dataLayer

142.250.74.72

200 OK

80485

URL GET HTTP/3

www.googletagmanager.com/gtag/js?id=G-JXCE5J40DP&l=dataLayer
IP

142.250.74.72:443
ASN

#15169 GOOGLE

Requested by

https://2m.ma/ar/
Certificate

IssuerGoogle Trust Services LLC

Subject*.google-analytics.com

Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C

ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

Magic

ASCII text, with very long lines (3288)

Size

80485
Hash

78b56424ced5c3794447cc36528e6554

db789311f04fe4256fb89810d1bbfee8fe743c0b

ab7be822ba921ae53d659ebb097b163db07482b716ebf916e0e84477ede0358d

HTTP Headers

                                        GET /gtag/js?id=G-JXCE5J40DP&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Jun 2023 16:25:17 GMT
expires: Sat, 03 Jun 2023 16:25:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 80485
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816

104.16.56.101

200 OK

11180

URL GET HTTP/2

static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
IP

104.16.56.101:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8

ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT

Magic

gzip compressed data, from Unix\012- data

Size

11180
Hash

90a4d6da59f2309ce98544982f97855a

ab4249c0ea66f3c8ba68b720fd11271602c80f61

2347a6497a784bb58f810126b4f1473fb7e1c6c862d3b8cd7145f16fb2dc27c7

HTTP Headers

                                        GET /beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2m.ma
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
date: Sat, 03 Jun 2023 16:25:16 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2023.4.2
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d194a878a92b505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

2m.ma/_nuxt/150ac7a.js

104.20.14.136

200 OK

30735

URL GET HTTP/3

2m.ma/_nuxt/150ac7a.js
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

ASCII text, with very long lines (65485)

Size

30735
Hash

d972b80d2650742cb03317ed3f9f74b8

7b65141f3ed642120db8e2b2e01b709e7361abf7

e59f2e3f96f013b6177ffcfdc8f0452aeca3dfb938ee16baaa7aadff3737b947

HTTP Headers

                                        GET /_nuxt/150ac7a.js HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sat, 03 Jun 2023 16:25:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
last-modified: Wed, 26 Apr 2023 16:37:19 GMT
etag: W/"144ee-187be6d30df"
vary: Accept-Encoding
cf-cache-status: HIT
age: 3279953
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NO9IZtHuHiFj8jSlxyJGFAyByQ5QX9wA6mkd6cKvua1tzmdRViDH7ORlTBydQn8IAqXb4O2UUnVN9tOTcnrVOQCCJ0p4e1C6a4%2B4lgjfJ1SfBDhGbtOBug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d194a8f5c0c1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

2m.ma/_nuxt/img/shape.5ab0126.png

104.20.14.136

200 OK

4207

URL GET HTTP/3

2m.ma/_nuxt/img/shape.5ab0126.png
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

PNG image data, 141 x 141, 8-bit/color RGBA, non-interlaced\012- data

Size

4207
Hash

c5fb17edc93d7b2549247b609477b997

7d513675f8e6103924b527796f2b08e2924f36b6

987be6f0e092cb97f4e2218d5035a0f05bf4e25db73992e236ca4b449ee22758

HTTP Headers

                                        GET /_nuxt/img/shape.5ab0126.png HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sat, 03 Jun 2023 16:25:18 GMT
content-type: image/png
content-length: 4207
cache-control: public, max-age=31536000
last-modified: Wed, 10 May 2023 14:16:59 GMT
etag: W/"106f-1880605bca5"
cf-cache-status: HIT
age: 716721
accept-ranges: bytes
priority: u=4,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KX40WV%2FZEKwacCPRuW4a8eIqM3d22JRtZzoG7oZ8YqziJLVC02XT8WHyunFPtkRXbndruPUP9O0374zjj9mf9OLVL6bLzKBn0l%2BCQOfrJiRFYN%2BXNFv%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d194a8fcc6d1bfe-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2

142.250.74.35

200 OK

9996

URL GET HTTP/2

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
IP

142.250.74.35:443
ASN

#15169 GOOGLE

Requested by

https://2m.ma/ar/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 9996, version 1.0\012- data

Size

9996
Hash

e9c38c1110be8eac901fbe1fa4dff374

aba40d14b54e93d55124da50975b075c28969a41

de8f431c146ab1feb612cb7ced0842ae5c4e2f12067d13db0badeca73977200b

HTTP Headers

                                        GET /s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2m.ma
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9996
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 08:06:33 GMT
expires: Fri, 31 May 2024 08:06:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:11:33 GMT
content-type: font/woff2
age: 202725
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2

142.250.74.35

200 OK

8712

URL GET HTTP/2

fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
IP

142.250.74.35:443
ASN

#15169 GOOGLE

Requested by

https://2m.ma/ar/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 8712, version 1.0\012- data

Size

8712
Hash

a560bce992322f72d6abc068846a3f93

869883a30861df05f8402581fb89560aef96b221

328cc866bbd43a73f3742f59aca4df9e04bf14354d8847461f6641279326de63

HTTP Headers

                                        GET /s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2m.ma
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 13:52:29 GMT
expires: Thu, 30 May 2024 13:52:29 GMT
cache-control: public, max-age=31536000
age: 268369
last-modified: Wed, 27 Apr 2022 16:11:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

2m.ma/_nuxt/fonts/fa-solid-900.1551f4f.woff2

104.20.14.136

200 OK

78268

URL GET HTTP/3

2m.ma/_nuxt/fonts/fa-solid-900.1551f4f.woff2
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data

Size

78268
Hash

d824df7eb2e268626a2dd9a6a741ac4e

0ccb2c814a7e4ca12c4778821633809cb0361eaa

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

HTTP Headers

                                        GET /_nuxt/fonts/fa-solid-900.1551f4f.woff2 HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sat, 03 Jun 2023 16:25:18 GMT
content-type: font/woff2
content-length: 78268
cache-control: public, max-age=31536000
last-modified: Mon, 23 Jan 2023 23:39:38 GMT
etag: W/"131bc-185e1006994"
cf-cache-status: HIT
age: 7097874
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seVZQrP%2F%2BxBxce3CrTpMxyEzBTrTst3wViZajfecIvH1UaUVkcu7N4le1s%2F0gq4rphpBRLpeGrRHQ9O0Ks%2BJd2Ji7ECq64qF78mgYM0Q6NreNxcHeb7jYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d194a90cd591bfe-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2

142.250.74.35

200 OK

8724

URL GET HTTP/3

fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2
IP

142.250.74.35:443
ASN

#15169 GOOGLE

Requested by

https://2m.ma/ar/
Certificate

IssuerGoogle Trust Services LLC

Subject*.gstatic.com

FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5

ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 8724, version 1.0\012- data

Size

8724
Hash

20217aa9d3eaac472e24b02bcdcd6c9b

ee278f79d297f09fd3bf15fe453332649b1aa69e

1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e

HTTP Headers

                                        GET /s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2m.ma
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 23:35:21 GMT
expires: Thu, 30 May 2024 23:35:21 GMT
cache-control: public, max-age=31536000
age: 233397
last-modified: Wed, 27 Apr 2022 16:06:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

2m.ma/_nuxt/fonts/fa-regular-400.7a33376.woff2

104.20.14.136

200 OK

13224

URL GET HTTP/3

2m.ma/_nuxt/fonts/fa-regular-400.7a33376.woff2
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196\012- data

Size

13224
Hash

b91d376b8d7646d671cd820950d5f7f1

13517529affa39e2585c591acae6dc336b6aa917

e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca

HTTP Headers

                                        GET /_nuxt/fonts/fa-regular-400.7a33376.woff2 HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 200 OK
date: Sat, 03 Jun 2023 16:25:18 GMT
content-type: font/woff2
content-length: 13224
cache-control: public, max-age=31536000
last-modified: Wed, 26 Apr 2023 16:37:19 GMT
etag: W/"33a8-187be6d306f"
cf-cache-status: HIT
age: 2412571
accept-ranges: bytes
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9BqsXEVYr7gZoJY6Nk%2FlAWuJCOYiLX74HzkG0eIN7g2TaQ7OovP4ycIudAHFzAkw%2FRmRBIihq29%2FPdF2g48Psrpq3SOhC6jlAOB%2BZueV%2BSEONLQBjASgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d194a91be611bfe-OSL
alt-svc: h3=":443"; ma=86400

2m.ma/api/getDossierSpecial

104.20.14.136

204 No Content

URL GET HTTP/3

2m.ma/api/getDossierSpecial
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /api/getDossierSpecial HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
locale: ar
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 204 No Content
date: Sat, 03 Jun 2023 16:25:18 GMT
cache-control: max-age=0, must-revalidate, private
pragma: no-cache
expires: Sat, 03 Jun 2023 16:25:18 GMT
cf-cache-status: DYNAMIC
priority: u=4,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WSejpofumphypTss68yhpokFsp5O2GioPbpQvKHuYSIcCQ19muQMVvBqVk%2BnkHTZY%2BgYpZvac07W5gJs4QE%2F4k%2B5P7rzuMcmz3U5hyaSphvPftx8Sracw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d194a917e1e1bfe-OSL
alt-svc: h3=":443"; ma=86400

2m.ma/api/getBreakingNews

104.20.14.136

204 No Content

URL GET HTTP/3

2m.ma/api/getBreakingNews
IP

104.20.14.136:443
ASN

#13335 CLOUDFLARENET

Requested by

https://2m.ma/ar/
Certificate

IssuerCloudflare, Inc.

Subjectsni.cloudflaressl.com

Fingerprint4F:09:5F:AE:EC:E1:CA:87:9A:5C:58:DD:3F:75:DA:C2:65:E8:A2:40

ValidityTue, 05 Jul 2022 00:00:00 GMT - Tue, 04 Jul 2023 23:59:59 GMT

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET /api/getBreakingNews HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
locale: ar
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/ar/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/3 204 No Content
date: Sat, 03 Jun 2023 16:25:18 GMT
cache-control: max-age=0, must-revalidate, private
pragma: no-cache
expires: Sat, 03 Jun 2023 16:25:18 GMT
cf-cache-status: DYNAMIC
priority: u=4,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Loz1h1aO8dyD7ybviPCN3d5F%2Bwwc%2B1GnkGln%2FvaHeFnVG9auNVHfbdr0QdK5jV%2BkBEmD3kXJgcF9CcHB2LOcF33rBfdw9qHv5vpFUMJ9vg%2B6Q1JQs5AYLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d194a918e381bfe-OSL
alt-svc: h3=":443"; ma=86400

ocsp.r2m02.amazontrust.com/

54.230.80.227

471

URL

ocsp.r2m02.amazontrust.com/
IP

54.230.80.227:0
ASN

#16509 AMAZON-02

Magic

data

Size

471
Hash

bdbff6c33c9ae944830e42b05114b877

ba55c7112c82b6ee47931b20243d0f1f1e66ef23

de0e8447ed6eebbcde6fef02b8ca4ea9947dcca4782de71f1e4c0b2a07587e87

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 03 Jun 2023 16:25:18 GMT
Last-Modified: Sat, 03 Jun 2023 16:09:04 GMT
Server: ECAcc (nya/7968)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: F7IvXeBg51XmQm8nO_IrbS3gMv_dRuSDxm-2GgTBXjp9xLYbwGuDvg==
Age: 974

ocsp.r2m02.amazontrust.com/

54.230.80.227

471

URL

ocsp.r2m02.amazontrust.com/
IP

54.230.80.227:0
ASN

#16509 AMAZON-02

Magic

data

Size

471
Hash

bdbff6c33c9ae944830e42b05114b877

ba55c7112c82b6ee47931b20243d0f1f1e66ef23

de0e8447ed6eebbcde6fef02b8ca4ea9947dcca4782de71f1e4c0b2a07587e87

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 03 Jun 2023 16:25:18 GMT
Last-Modified: Sat, 03 Jun 2023 16:15:46 GMT
Server: ECAcc (nya/1C5C)
X-Cache: Miss from cloudfront
Via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JA3r-d2Y5-zYF95i3GZzBiuhIhXdz-EqaXSSVPCMgSSf3-0gkA4UoA==
Age: 572

ocsp.r2m02.amazontrust.com/

54.230.80.227

471

URL

ocsp.r2m02.amazontrust.com/
IP

54.230.80.227:0
ASN

#16509 AMAZON-02

Magic

data

Size

471
Hash

bdbff6c33c9ae944830e42b05114b877

ba55c7112c82b6ee47931b20243d0f1f1e66ef23

de0e8447ed6eebbcde6fef02b8ca4ea9947dcca4782de71f1e4c0b2a07587e87

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 03 Jun 2023 16:25:18 GMT
Last-Modified: Sat, 03 Jun 2023 16:09:04 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _XOZKOePJAr9KXplkkMyXWN-O9v3alkIcyyiByd2oODZt_M8kMhnVQ==
Age: 974

ocsp.r2m02.amazontrust.com/

54.230.80.227

471

URL

ocsp.r2m02.amazontrust.com/
IP

54.230.80.227:0
ASN

#16509 AMAZON-02

Magic

data

Size

471
Hash

bdbff6c33c9ae944830e42b05114b877

ba55c7112c82b6ee47931b20243d0f1f1e66ef23

de0e8447ed6eebbcde6fef02b8ca4ea9947dcca4782de71f1e4c0b2a07587e87

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 03 Jun 2023 16:25:18 GMT
Last-Modified: Sat, 03 Jun 2023 14:50:14 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U6B7M52nSipSTKTapNhvtncGgkleVTv_c-p5e7thljomaRDRASv2ng==
Age: 5704

2msoread-ww.amagi.tv/mediasfiles/videos/images/2023/06/02/16857396868-1.png

54.230.111.73

200 OK

353555

URL GET HTTP/2

2msoread-ww.amagi.tv/mediasfiles/videos/images/2023/06/02/16857396868-1.png
IP

54.230.111.73:443
ASN

#16509 AMAZON-02

Requested by

https://2m.ma/ar/
Certificate

IssuerAmazon

Subject*.amagi.tv

Fingerprint9D:D5:0E:FA:66:B5:E0:9F:25:FC:2F:9A:6F:3A:CB:D4:C6:B3:38:00

ValidityTue, 21 Feb 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT

Magic

JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1920x1080, components 3\012- data

Size

353555
Hash

e5fb5359ef4986cfc7026d92c2e4f36f

705630643c950e7482a7b639d09a108e6a5fddcd

9a527cda56b55bef2875bdc70de0b6d2f9208e133cbd3728367e95c9774eff5c

HTTP Headers

                                        GET /mediasfiles/videos/images/2023/06/02/16857396868-1.png HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/2 200 OK
content-type: image/png
content-length: 353555
server: nginx/1.19.6
date: Sat, 03 Jun 2023 09:54:48 GMT
last-modified: Fri, 02 Jun 2023 21:01:26 GMT
etag: "647a58a6-56513"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cuYyLgSbDiV066pU5vRQhxMrDeUPZjHZ4WjmzLEcLx4jTNTRfJmAxw==
age: 23429
X-Firefox-Spdy: h2

2msoread-ww.amagi.tv/mediasfiles/videos/images/2023/06/02/1685734921MVI_1538.png

54.230.111.73

200 OK

359441

URL GET HTTP/2

2msoread-ww.amagi.tv/mediasfiles/videos/images/2023/06/02/1685734921MVI_1538.png
IP

54.230.111.73:443
ASN

#16509 AMAZON-02

Requested by

https://2m.ma/ar/
Certificate

IssuerAmazon

Subject*.amagi.tv

Fingerprint9D:D5:0E:FA:66:B5:E0:9F:25:FC:2F:9A:6F:3A:CB:D4:C6:B3:38:00

ValidityTue, 21 Feb 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT

Magic

JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1920x1080, components 3\012- data

Size

359441
Hash

6161965caf52de415b81874ef4599da1

8d88ae255673ccd8ed91365df1657423ab040a8f

ad9a5a34d37dec991ce81bc3aada41ddabeadbdb2e33dd352f39d28c55c06857

HTTP Headers

                                        GET /mediasfiles/videos/images/2023/06/02/1685734921MVI_1538.png HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                        HTTP/2 200 OK
content-type: image/png
content-length: 359441
server: nginx/1.19.6
date: Fri, 02 Jun 2023 22:24:37 GMT
last-modified: Fri, 02 Jun 2023 19:42:01 GMT
etag: "647a4609-57c11"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oBONRPUAztn-ZTlAHj9om63v1lF12CHV01dixL5QqENKSjQKzOTutA==
age: 64841
X-Firefox-Spdy: h2

ocsp.r2m02.amazontrust.com/

54.230.80.227

471

URL

ocsp.r2m02.amazontrust.com/
IP

54.230.80.227:0
ASN

#16509 AMAZON-02

Magic

data

Size

471
Hash

bdbff6c33c9ae944830e42b05114b877

ba55c7112c82b6ee47931b20243d0f1f1e66ef23

de0e8447ed6eebbcde6fef02b8ca4ea9947dcca4782de71f1e4c0b2a07587e87

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 03 Jun 2023 16:25:18 GMT
Last-Modified: Sat, 03 Jun 2023 14:50:14 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 3bff78035f818b6a3185b0f5f4586410.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mE5UZsfahlmwfNCK_u8Zg5vX1eMhZUng5JUT2QtAlILVhCbamFWNMg==
Age: 5704

2msoread-ww.amagi.tv/mediasfiles/images/2022/06/29/carre_1656458608xc.png

54.230.111.73

200 OK

731429

URL GET HTTP/2

2msoread-ww.amagi.tv/mediasfiles/images/2022/06/29/carre_1656458608xc.png
IP

54.230.111.73:443
ASN

#16509 AMAZON-02

Requested by

https://2m.ma/ar/
Certificate

IssuerAmazon

Subject*.amagi.tv

Fingerprint9D:D5:0E:FA:66:B5:E0:9F:25:FC:2F:9A:6F:3A:CB:D4:C6:B3:38:00

ValidityTue, 21 Feb 2023 00:00:00 GMT - Sat, 13 Jan 2024 23:59:59 GMT

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (50)

#1 JS:Script (size: 4691)

#2 JS:Script (size: 74771)

#3 JS:Script (size: 227994)

#4 JS:Script (size: 46509)

#5 JS:Script (size: 3840)

#6 JS:Script (size: 128169)

#7 JS:Script (size: 102505)

#8 JS:Script (size: 366423)

#9 JS:Script (size: 39019)

#10 JS:Script (size: 628271)

#11 JS:Script (size: 1536)

#12 JS:Script (size: 136)

#13 JS:Script (size: 11670)

#14 JS:Script (size: 26940)

#15 JS:Script (size: 17126)

#16 JS:Script (size: 717662)

#17 JS:Script (size: 83182)

#18 JS:Script (size: 147)

#19 JS:Script (size: 19667)

#20 JS:Script (size: 33112)

#21 JS:Script (size: 1207660)

#22 JS:Script (size: 1684)

#23 JS:Script (size: 401)

#24 JS:Script (size: 19927)

#25 JS:Script (size: 175)

#26 JS:Script (size: 16896)

#27 JS:Script (size: 4741)

#28 JS:Script (size: 452)

#29 JS:Script (size: 147628)

#30 JS:Script (size: 797416)

#31 JS:Script (size: 69095)

#32 JS:Script (size: 1019)

#33 JS:Script (size: 351)

#34 JS:Script (size: 28441)

#35 JS:Script (size: 13104)

#36 JS:Script (size: 98744)

#37 JS:Script (size: 2882909)

#38 JS:Script (size: 3486)

#39 JS:Script (size: 112207)

#40 JS:Script (size: 9204)

#41 JS:Script (size: 247237)

#42 JS:Script (size: 5817)

#43 JS:Script (size: 29739)

#44 JS:Script (size: 5790)

#45 JS:Script (size: 12332)

#46 JS:Script (size: 213)

#47 JS:Script (size: 335)

#48 JS:Script (size: 227994)

#49 JS:Script (size: 304)

#50 JS:Script (size: 161850)

HTTP Transactions (241)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

Magic