firefox.settings.services.mozilla.com/v1/
18.165.201.80200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.80:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 23:03:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4c52c2a46d6ce20208b2160aa3b35a5a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: awLCj4-Owjpy6guSx4XRLkwoHakGd60-togrPJVSME2F76LiyfpnwQ==
Age: 2626
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11762
Expires: Mon, 03 Oct 2022 03:03:10 GMT
Date: Sun, 02 Oct 2022 23:47:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.102200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.102:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a6a1a17bbe377bf7c4423397c71959da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: WlnDVQES6_qlm59-K7MoVSxH8W2-Nh0ZkPlRLhxjFwGx2Gi5a9iOeQ==
age: 72833
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 23:47:09 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wesleyvirgin.com/Verification/Package/usps/
74.115.32.74302 Found 0 B URL HTTP/1.1 wesleyvirgin.com/Verification/Package/usps/
IP 74.115.32.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /Verification/Package/usps/ HTTP/1.1
Host: wesleyvirgin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 02 Oct 2022 23:47:08 GMT
Server: Apache
Location: http://2m.ma
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
2m.ma/
104.20.14.136301 Moved Permanently 0 B IP 104.20.14.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 23:47:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 03 Oct 2022 00:47:09 GMT
Location: https://2m.ma/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w0da5Qp3dmRkfEwH99WToXtHticFVM8lCv3ihI1gttwepxF4N14zkBHwxkbWFKzqPAuRg7U92fVORBhz8vPSrwspOXg412334jwvNxTwkFAjEWuB84UF2g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7541524f7d7efab8-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.80200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.80:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 23:32:56 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 23:47:43 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 1872df29670137f21773bdb80da38e36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: NlG-dj93qcTc7MIw-ZcchqiGKSRVuyqEYZwK3n63CvREwgPQFOtJgw==
Age: 856
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4677
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:09 GMT
Last-Modified: Sun, 02 Oct 2022 22:29:12 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 17 kB IP 142.250.74.3:0
Hash 0679bc7c49e3cf2f1fca3d8be6c895c4
283e7627db2acab9d4eb7ad78e866fd97127b959
8734c4e4e10b27405abdfe3f61584344cd0eb9abdb4f07e7a8cce3dbf02951cf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 4.4 kB IP 142.250.74.3:0
File type gzip compressed data, from Unix\012- data
Hash 7fa8588a9940720a0b6dfc90ecc15f87
71a69f0dbd3b05c4099a087fa10513205c2e41a3
e93acd4daa9e66cadd88a6357ec7e5d1c55483cc68286da4bc65443f4a3519f5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 919794e19207c0f954c5a6f682ecb276
f5384436c8dabcc57a42325fa117ea42f9ce35bf
a635113188994b765d405d87e774118e34603890e831bd6606912a23dd27b92f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5737
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:09 GMT
Last-Modified: Sun, 02 Oct 2022 22:11:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0a868a5ebd51b24339f7f06f567f1fa0
5ab78ae8a20770a68cd44fe1b69e7ec3135cd2c7
b9a62d362a6d255eae42ab51d605bdbe10613c93e5d28f129a7f53bd12c2c31d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.163.147.190101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.147.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 04GA5OijYL7ZMlAMbycSUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: f7TDzqpCVjHfcQoIcFiok70Pq90=
ced.sascdn.com/tag/3810/smart.js
23.36.77.24200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/3810/smart.js
IP 23.36.77.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65319)
Hash a34b1886a99ef356b7e53fdf35ca1e58
0167e57953769e24e1987f59ea23914197110033
239412b1e5a24e6fe754509c3d28279cd898fb153c59624611584399b4c42246
GET /tag/3810/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32582
Cache-Control: public, max-age=7200
Expires: Mon, 03 Oct 2022 01:47:10 GMT
Date: Sun, 02 Oct 2022 23:47:10 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 919794e19207c0f954c5a6f682ecb276
f5384436c8dabcc57a42325fa117ea42f9ce35bf
a635113188994b765d405d87e774118e34603890e831bd6606912a23dd27b92f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5738
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Last-Modified: Sun, 02 Oct 2022 22:11:32 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
cdn.ampproject.org/v0/amp-analytics-0.1.js
216.58.211.1200 OK 163 kB URL HTTP/2 cdn.ampproject.org/v0/amp-analytics-0.1.js
IP 216.58.211.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 163 kB (163295 bytes)
Hash 95c00caad5165ff4529be6d99167bf91
9e2959155429ae6b7c2d9ea937dd1983243a77b3
2daf8b5ded82d79d71f14607fc12920b9c6d83dfae64bd5b72ff09d101031686
GET /v0/amp-analytics-0.1.js HTTP/1.1
Host: cdn.ampproject.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
timing-allow-origin: *
content-length: 31967
date: Sun, 02 Oct 2022 23:47:10 GMT
expires: Sun, 02 Oct 2022 23:47:10 GMT
cache-control: private, max-age=604800, stale-while-revalidate=604800
etag: "dfda97fe2a1b5ffc"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/widgets.js
93.184.220.66200 OK 31 kB URL HTTP/1.1 platform.twitter.com/widgets.js
IP 93.184.220.66:0
Hash d92c2eafc8e589458acb342451b1921a
7a40640262517276cab0a0bc7d334b7d85561142
fec731c7df3ba7c0e3119417101d9a229499070317306dfb7973c17c60b13d70
GET /widgets.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Age: 1034
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Date: Sun, 02 Oct 2022 23:47:10 GMT
Etag: "f26384f93da6974ed577808dfa1fede5+gzip"
Last-Modified: Wed, 28 Sep 2022 20:05:37 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F712)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=,edge;dur=1
Vary: Accept-Encoding
x-amzn-internal-status: 304
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 29223
fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2
IP 216.58.207.195:0
Hash de844c181c69790729f9aad92b7decdc
1f905dd8c90a6ac649bbe523c9da15ec0cacaf30
39d7b7fe878a8fcb1bbada167d1e227737f41c24e744ac16b1b7bb7e2cd3c147
GET /s/tajawal/v9/Iura6YBj_oCad4k1nzGBCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2m.ma
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10256
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:55:05 GMT
expires: Thu, 28 Sep 2023 19:55:05 GMT
cache-control: public, max-age=31536000
age: 359525
last-modified: Wed, 27 Apr 2022 16:06:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2m.ma/ar/
104.20.13.136200 OK 131 kB IP 104.20.13.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (59588)
Size 131 kB (131232 bytes)
Hash a6dad25183f27173f9eb268e2c51020c
3579e31c2f0764df50e471b16b9f716206ff8c50
234f698119a8d3b3507053ef7c440b58dccf7b8b912d5d49e24f25c8fa8b013c
GET /ar/ HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 23:47:09 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MpcFlvmdwz50o%2BxmYOsYL9VIPhvq1rUiqzfYGHQ5Fgm%2FVUSAgW8pplplO70Kq7O4m%2B7D00g0N2rKGC1FTBmtA1UqavEyKsQ3fvXTrp45ZdhR49r6tHwDig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75415250ed83b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
imasdk.googleapis.com/js/sdkloader/ima3.js
142.250.74.138200 OK 130 kB URL HTTP/2 imasdk.googleapis.com/js/sdkloader/ima3.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (2831)
Size 130 kB (129452 bytes)
Hash 8db5c8346f879a9436ff111fe4b92797
cbd2a6e483e615cdb5b87fa579e007dff4e4d39a
306a84b1d5eca59a4aa29dd439eece6dddebc2413d168eb37ba944282b97edfd
GET /js/sdkloader/ima3.js HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 129452
date: Sun, 02 Oct 2022 23:47:10 GMT
expires: Sun, 02 Oct 2022 23:47:10 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0a868a5ebd51b24339f7f06f567f1fa0
5ab78ae8a20770a68cd44fe1b69e7ec3135cd2c7
b9a62d362a6d255eae42ab51d605bdbe10613c93e5d28f129a7f53bd12c2c31d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 02 Oct 2022 22:41:09 GMT
expires: Mon, 03 Oct 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 3961
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagservices.com/tag/js/gpt.js
142.250.74.130200 OK 28 kB URL HTTP/2 www.googletagservices.com/tag/js/gpt.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (45165)
Hash e626c8c301a20e6a75d025ec901f542a
048fd71d153376c4895c90d20964c79061e00be9
0a26bcb71da83bf1463223fcf4fff153dbe746836952f987d01b97896f04b9c3
GET /tag/js/gpt.js HTTP/1.1
Host: www.googletagservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27690
date: Sun, 02 Oct 2022 23:47:10 GMT
expires: Sun, 02 Oct 2022 23:47:10 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1352 / 889 of 1000 / last-modified: 1664575501"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-16439051-2&cid=1162316325.1664754430&jid=2070553491&gjid=345724399&_gid=1423050824.1664754430&_u=IEBAAEAAAAAAAC~&z=576496298
74.125.131.154200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-16439051-2&cid=1162316325.1664754430&jid=2070553491&gjid=345724399&_gid=1423050824.1664754430&_u=IEBAAEAAAAAAAC~&z=576496298
IP 74.125.131.154:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-16439051-2&cid=1162316325.1664754430&jid=2070553491&gjid=345724399&_gid=1423050824.1664754430&_u=IEBAAEAAAAAAAC~&z=576496298 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://2m.ma
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 23:47:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
216.58.207.194200 OK 131 kB URL HTTP/2 securepubads.g.doubleclick.net/gpt/pubads_impl_2022092701.js
IP 216.58.207.194:0
File type ASCII text, with very long lines (65439)
Size 131 kB (131011 bytes)
Hash 7899f0ee9fd803d3184f687e9e51c08a
1ecbc68dbadb9078b893c9035e1f1b02e52588d8
838e5ed28453d0b0f6f8215f1855f8b6ff977452346d4a1ffe5f0143d1f29077
GET /gpt/pubads_impl_2022092701.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 131011
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 11:27:03 GMT
expires: Sun, 01 Oct 2023 11:27:03 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 27 Sep 2022 08:38:39 GMT
content-type: text/javascript
age: 130807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDK.js
104.18.225.52200 OK 3.3 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDK.js
IP 104.18.225.52:0
File type ASCII text, with very long lines (9097)
Hash 6225205799818193a403c85c4aa07ad6
327e467b1ffd02b20f8ef489afbea88aaba6fefe
1b4d2975e66c610eba4aa4b2929b6d8836c49bfb634938f9077098a8180cc27d
GET /sdks/OneSignalSDK.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 23:47:09 GMT
content-type: application/javascript
etag: W/"ae63ef8ff03da61fffaa7f165729897a"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1142
expires: Wed, 05 Oct 2022 23:47:09 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 754152536b59b4eb-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
securepubads.g.doubleclick.net/pagead/ppub_config?ippd=2m.ma
216.58.207.194200 OK 6.6 kB URL HTTP/2 securepubads.g.doubleclick.net/pagead/ppub_config?ippd=2m.ma
IP 216.58.207.194:0
Hash 687872037802f327d8108d34bea4b285
39deb18af9300e0db093f15d112bacc8bb9a87b5
339844def0906a0e55b12c6f55453e22fa7d6d405bf372dcad7da08dab746cce
GET /pagead/ppub_config?ippd=2m.ma HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
date: Sun, 02 Oct 2022 23:47:10 GMT
expires: Sun, 02 Oct 2022 23:47:10 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 72
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-Oct-2022 00:02:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
104.18.47.230200 OK 35 kB URL HTTP/2 static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
IP 104.18.47.230:0
Hash 72aeb4123aec0216e45ae68122405b46
03929790884190f18729cb2b98d2290efcc321ff
e2a07e8f00abb5bfd86520d75464e8309fbfb2465d837b52f563831c51a9e0f0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 23:47:09 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 75415252ca95b4eb-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-16439051-2&cid=1162316325.1664754430&jid=2070553491&_u=IEBAAEAAAAAAAC~&z=259212534
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-16439051-2&cid=1162316325.1664754430&jid=2070553491&_u=IEBAAEAAAAAAAC~&z=259212534
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-16439051-2&cid=1162316325.1664754430&jid=2070553491&_u=IEBAAEAAAAAAAC~&z=259212534 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 23:47:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22757282d8018e8a8a59b45853bd8410
921dbd08d39a50418b25efa11b9e8890749b3da9
39b59a860c14f821845c72b5656feca1aa4779a1562e920c3a580628fadedfc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39B59A860C14F821845C72B5656FECA1AA4779A1562E920C3A580628FADEDFC9"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20369
Expires: Mon, 03 Oct 2022 05:26:39 GMT
Date: Sun, 02 Oct 2022 23:47:10 GMT
Connection: keep-alive
certify-js.alexametrics.com/atrk.js
108.138.217.64200 OK 1.6 kB URL HTTP/1.1 certify-js.alexametrics.com/atrk.js
IP 108.138.217.64:0
File type ASCII text, with very long lines (4255), with no line terminators
Hash 5d5ae61c111bc3e116f4764bc74f1b6d
cd5ee2d8374080be231b80aa3e7f08f16549fa4a
7f87d4ed9c6d30b7dd5260c20966c35415b038101a5f9769469ad2729368a702
GET /atrk.js HTTP/1.1
Host: certify-js.alexametrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Date: Mon, 07 Mar 2022 06:05:29 GMT
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Cache-Control: max-age=26920000
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 7cb11ed28173c541fc01b012ea9b85aa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P3
X-Amz-Cf-Id: NuSXkXF-_K5DYCw2yrHO-b1uQvlmoAje4lbLbj_E4eXVkjO1WHuh8w==
Age: 18121302
id5-sync.com/g/v2/102.json
162.19.138.82200 216 B URL HTTP/1.1 id5-sync.com/g/v2/102.json
IP 162.19.138.82:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9f7ac8ec26798e7f4bd25f6d3cbd795d
fc7e12fb7ff9a6b1f5da5e221259c4bd80670834
3f1ff49b42e7c5cf2bf27fd9a4bd68b900653455b380094e7862dd8a66f181a9
POST /g/v2/102.json HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 147
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-origin: https://2m.ma
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
date: Sun, 02 Oct 2022 23:47:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
www.clarity.ms/tag/9aa85s764a
13.107.227.53200 OK 27 kB URL HTTP/2 www.clarity.ms/tag/9aa85s764a
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash afcfc19ad8516af14d3afe7efee22c14
2d3872677d75c86d079e228bbe3d288b0cad3df5
064ccc4d307c8178615c5ad11e5315a03b53766eb845b733db911c364b8e1438
GET /tag/9aa85s764a HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: application/x-javascript
expires: -1
set-cookie: CLID=f48ca182a4134f5a9455b8c9ff1654b9.20221002.20231002; expires=Mon, 02 Oct 2023 23:47:10 GMT; path=/; secure; samesite=none; httponly
request-context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0/iI6YwAAAAD7a8xc6S3TSo8FrL8cM8dcT1NMMjMxMDUwMjA1MDI5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Sun, 02 Oct 2022 23:47:10 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20028
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Sun, 02 Oct 2022 23:47:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20028
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Sun, 02 Oct 2022 23:47:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20028
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Sun, 02 Oct 2022 23:47:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20028
Expires: Mon, 03 Oct 2022 05:20:59 GMT
Date: Sun, 02 Oct 2022 23:47:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 68771
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg
34.120.237.76200 OK 44 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg
IP 34.120.237.76:0
Hash 05f7051332733e29a3613c9d7d48ecb1
9e10a254cdf8aa70180d8031a797ea69424eac9e
2b8634113c13a0b61120637c1fcbd0364a9cb60b9e747f6c876b11fcd96b4b82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9095
x-amzn-requestid: 9f6cbd35-adf6-4163-aaf0-a3534bfc25c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNes7G79oAMF2DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544b8-306a82aa5f91bcdb3b349b87;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9pqwazWdgS9eR0U_HxtfgHvTUTnUyN0IRVZlQUzrimpv-9dMLHlcVg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:59:36 GMT
age: 6455
etag: "f964cf69ae825bb32eef4b364df8227c5fb73fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb166fe-e146-46cf-a93b-905deefbae87.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb166fe-e146-46cf-a93b-905deefbae87.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a96da552b7ddb23b1f2fb506de2aed4
2926163d332abfb70f9565a45f7546f2efdc7716
2da0e160e0e8a116ab76614e29609e43d132cc9e56636ad91399f33e53346a23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb166fe-e146-46cf-a93b-905deefbae87.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3272
x-amzn-requestid: b2ace456-0abd-416c-9c1c-799eb5c73269
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabG8zIAMF-PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-3e61e1e9283bd78e76731b47;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: oHEIG44XMoSu6XEYOPW8LNkvZPbIrgo6KuLHluknV7Hgfv-3IOWL2A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:42 GMT
age: 7349
etag: "2926163d332abfb70f9565a45f7546f2efdc7716"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F164f8a71-9ffb-4a25-b46d-b30e7c374f6a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F164f8a71-9ffb-4a25-b46d-b30e7c374f6a.jpeg
IP 34.120.237.76:0
Hash 2ce79accfa1f9e632c0991f622ccd16d
9cebd435dcc4e6cff85f5d8d57a24cb0d67a376a
a6168dabcdc1cc5dec4142e8865a61949804dc87311d0e918ec99adb5f3849ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F164f8a71-9ffb-4a25-b46d-b30e7c374f6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9760
x-amzn-requestid: 275e6188-8683-43cb-8118-2e85dbc1aa1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWacGf7IAMFryA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-2ad71e46388ea4a07bfa523f;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lnRX-2sQl0Ueu6lu_tqwA4kjwJGjlHn0UxSAQlAY224i26NgpHfJuA==
via: 1.1 4201bd1d1fc37ea7749b3bd1b64fce02.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:44:41 GMT
age: 7350
etag: "0b865e797846520ccc6fff6fb2ee38d8836bd2c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
34.120.237.76200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34ba42086104460665f7f4f579235592
58f10485c5273cbed8159c98b9065b192ba3d00b
79f1febc020ab611c5d9a8bc1af237a63420f8215963fd97f6c4b9bccfa17d24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4522
x-amzn-requestid: cc836204-3c4f-48d0-9569-b1622e6d2178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMVoRH9toAMFwig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334cfce-096ff90412945ca06335e987;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 22:50:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BzgI7sWS7fsSOANaDI0S4qrT_2iIkp2TOt3bPfm56T0m9jmxRFfSIA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 12:52:35 GMT
age: 39276
etag: "58f10485c5273cbed8159c98b9065b192ba3d00b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1af609199093985d73fd1d256482c12
a54f3f4af645c1c93299360bc7dcf06bbae8de81
047e15a2d3ea5b7d1f3d22cdac2ac0446c6267c99deb0b12576366088d29d5b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8657
x-amzn-requestid: 172be66b-6140-4ff6-a061-22d177e75c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YtlXZGujoAMF2vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63288295-6f74795f2b26d54409b2f388;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 14:54:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JuivAaE3zJE1Hyn9GdpPB3Z94FvDmfvGyuIYPrAOFlhyClh9yQfefQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:59:39 GMT
age: 6452
etag: "a54f3f4af645c1c93299360bc7dcf06bbae8de81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
IP 216.58.207.195:0
Hash 150ad25ae6fb885881a486108c56c4cd
6049eebd76b52e84b2417f11fda82ff26161c2b4
674d8ceed7a083a5f6cfb979f23e5dcbc1525394348b3ee532b6e7ce5185d1f7
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2m.ma
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9996
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:53:49 GMT
expires: Thu, 28 Sep 2023 19:53:49 GMT
cache-control: public, max-age=31536000
age: 359602
last-modified: Wed, 27 Apr 2022 16:11:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
216.58.207.195200 OK 8.7 kB URL HTTP/2 fonts.gstatic.com/s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 8712, version 1.0\012- data
Hash a560bce992322f72d6abc068846a3f93
869883a30861df05f8402581fb89560aef96b221
328cc866bbd43a73f3742f59aca4df9e04bf14354d8847461f6641279326de63
GET /s/tajawal/v9/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2m.ma
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 20:05:56 GMT
expires: Thu, 28 Sep 2023 20:05:56 GMT
cache-control: public, max-age=31536000
age: 358875
last-modified: Wed, 27 Apr 2022 16:11:35 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2
216.58.207.195200 OK 8.7 kB URL HTTP/2 fonts.gstatic.com/s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 8724, version 1.0\012- data
Hash 20217aa9d3eaac472e24b02bcdcd6c9b
ee278f79d297f09fd3bf15fe453332649b1aa69e
1f56c2984babee36c5008ae3290384e27a63931814265ffe8ddda6a2fc38b41e
GET /s/tajawal/v9/Iura6YBj_oCad4k1nzSBC45I.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://2m.ma
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:09:06 GMT
expires: Tue, 26 Sep 2023 20:09:06 GMT
cache-control: public, max-age=31536000
age: 531485
last-modified: Wed, 27 Apr 2022 16:06:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2F2m.ma
93.184.220.66200 OK 105 kB URL HTTP/1.1 platform.twitter.com/widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2F2m.ma
IP 93.184.220.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56043)
Size 105 kB (105433 bytes)
Hash 9ad25b279d9409c21f3b1d2fd4ec7c9c
340c755b7b0d627db7b4fe1399a229035ffc0f0f
659c804a6ebe1fc3c0af9e431ec7724b47010a77a6994c59131139090b0509df
GET /widgets/widget_iframe.8f764d5bd2778f88121d31d7d8d8e1e3.html?origin=https%3A%2F%2F2m.ma HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 265153
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 02 Oct 2022 23:47:11 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 19 Jan 2022 19:04:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F71C)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433
2msoread-ww.amagi.tv//tagimg/78431f73fbb247a334e3a0d49cd59a56.png
108.156.46.109200 OK 228 kB URL HTTP/2 2msoread-ww.amagi.tv//tagimg/78431f73fbb247a334e3a0d49cd59a56.png
IP 108.156.46.109:0
File type PNG image data, 736 x 151, 8-bit/color RGB, non-interlaced\012- data
Size 228 kB (227999 bytes)
Hash 2ec920ea171d58c7155e58026ee94bb1
cb3956c5abc9b6b98a6445c5cba49a83dee3d43d
7f27016439f4c6e457c57be4e6f500dd3892c45d6f35967b56cf07bc4965f9f0
GET //tagimg/78431f73fbb247a334e3a0d49cd59a56.png HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 227999
server: nginx/1.19.6
last-modified: Fri, 24 Dec 2021 16:06:57 GMT
accept-ranges: bytes
date: Sun, 02 Oct 2022 10:00:35 GMT
etag: "61c5f021-37a9f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: tavko8EALU9hBRNDvMplbdSLefV-vJ-23GNxr5UgeytLTM0C930UJQ==
age: 49596
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv/mediasfiles/2018/9/13/1536838329/1536838329%D8%B3%D8%B1%D8%B7%D8%A7%D9%86_J78vRkX.jpg
108.156.46.109200 OK 26 kB URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/2018/9/13/1536838329/1536838329%D8%B3%D8%B1%D8%B7%D8%A7%D9%86_J78vRkX.jpg
IP 108.156.46.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 828x460, components 3\012- data
Hash 0f5b0438010767ddac060045c2e492be
d1b78be953b64a0152fe3ca35101f208234b0d36
0ebb25034899b5a758d17c18ba26ca6643be90947f7c5f90521342fdd15963d2
GET /mediasfiles/2018/9/13/1536838329/1536838329%D8%B3%D8%B1%D8%B7%D8%A7%D9%86_J78vRkX.jpg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 25913
server: nginx/1.19.6
date: Sun, 02 Oct 2022 20:46:22 GMT
last-modified: Thu, 13 Sep 2018 11:32:10 GMT
etag: "5b9a4aba-6539"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: 8p1F1SpEeqfNmYgRzbkezl0Q7V19RBGJXbFVyQ_KXbj128oq30ZjHA==
age: 10848
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv/mediasfiles/videos/images/2022/10/02/1664735106Maa-Ramdani-1--02_10_2022.png
108.156.46.109200 OK 278 kB URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/videos/images/2022/10/02/1664735106Maa-Ramdani-1--02_10_2022.png
IP 108.156.46.109:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 90", baseline, precision 8, 1920x1080, components 3\012- data
Size 278 kB (277669 bytes)
Hash 5d00ab2babc190c5fcd97a76baf0395f
41cb88ba8d22a87b2001498975c430581682d798
b9c5eb075136564b9e44f23d2ebab3d77d7d7adfd31ed0832e9452ef10557ef6
GET /mediasfiles/videos/images/2022/10/02/1664735106Maa-Ramdani-1--02_10_2022.png HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 277669
server: nginx/1.19.6
date: Sun, 02 Oct 2022 20:37:29 GMT
last-modified: Sun, 02 Oct 2022 18:25:06 GMT
etag: "6339d782-43ca5"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: epMB07viClo2xYxwVyjynx12USkOtmTYlz2jjfQKuHywjhk4sx5ytQ==
age: 11382
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv/mediasfiles/images/2022/09/28/slider_1664376579WhatsApp-Image-2022-09-28-at-16.30.28.jpg
108.156.46.109200 OK 720 kB URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/images/2022/09/28/slider_1664376579WhatsApp-Image-2022-09-28-at-16.30.28.jpg
IP 108.156.46.109:0
Size 720 kB (720119 bytes)
Hash b1f3a612610759ea5cb2b94c47ad112c
2c664bd8f609c3889d53f686e72539e510921f4c
5ab1ba3c2dc9584d0e71e205485138d16d7203e58e2ca7edcc4884867fde8c46
GET /mediasfiles/images/2022/09/28/slider_1664376579WhatsApp-Image-2022-09-28-at-16.30.28.jpg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 719986
server: nginx/1.19.6
date: Sun, 02 Oct 2022 20:46:22 GMT
last-modified: Wed, 28 Sep 2022 14:49:39 GMT
etag: "63345f03-afc72"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: -8OUKGb6YDwS3yHIozYf50z2dbsRwkI50kqPBteGoxXui2ivxK90yQ==
age: 10849
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv//tagimg/5f6bcc63c0209a98adb42055b20c3009.jpg
108.156.46.109200 OK 33 kB URL HTTP/2 2msoread-ww.amagi.tv//tagimg/5f6bcc63c0209a98adb42055b20c3009.jpg
IP 108.156.46.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 970x200, components 3\012- data
Hash 53ae35c7bf6e62ee5d595faacb91bcae
1b743f769906ea433761f373a12752f8e1f1d552
ec9105a127778305f626f2e6223a952b593b2d3f6acf650de3b8827e91e599fb
GET //tagimg/5f6bcc63c0209a98adb42055b20c3009.jpg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 32911
server: nginx/1.19.6
last-modified: Sun, 31 Oct 2021 19:23:03 GMT
accept-ranges: bytes
date: Sun, 02 Oct 2022 07:40:47 GMT
etag: "617eed17-808f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: IQM-Tf_XLMrM_5jqqitoUQnCTcRQOfqlJxSWvH8yVd6VG3rdsj9rhQ==
age: 57984
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv//tagimg/794e862b01f8e7f6ea4338b32d3ad1fb.png
108.156.46.109200 OK 173 kB URL HTTP/2 2msoread-ww.amagi.tv//tagimg/794e862b01f8e7f6ea4338b32d3ad1fb.png
IP 108.156.46.109:0
File type PNG image data, 736 x 151, 8-bit/color RGB, non-interlaced\012- data
Size 173 kB (172681 bytes)
Hash bc5fc98a900a3f905e71d712ec8c8b75
ed5664724de2103b64e9e31c699833b251a5c41d
41d256bcb0af6aa1231bb35aa3bd22902425dba7f9a04f4ba87b153abea976c3
GET //tagimg/794e862b01f8e7f6ea4338b32d3ad1fb.png HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 172681
server: nginx/1.19.6
last-modified: Thu, 06 Jan 2022 09:58:05 GMT
accept-ranges: bytes
date: Sun, 02 Oct 2022 07:40:47 GMT
etag: "61d6bd2d-2a289"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: Jmr_9SMHtTCdR0i5yzM2to3WoOoaCDTncLPCOg0GtS0Ozy8TPU7XkQ==
age: 57984
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv//tagimg/2afb6fef0dc8719567a2a0aff8cb9571.jpeg
108.156.46.109200 OK 75 kB URL HTTP/2 2msoread-ww.amagi.tv//tagimg/2afb6fef0dc8719567a2a0aff8cb9571.jpeg
IP 108.156.46.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x262, components 3\012- data
Hash cad816e2ad8075e197b924182680ce07
e7449b829d824c24250d29a0b9ecbd200945eb29
506c0d28593bf408e04609b6c0ff62686b19ea4cd65893cf7725795704731b30
GET //tagimg/2afb6fef0dc8719567a2a0aff8cb9571.jpeg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 75239
server: nginx/1.19.6
last-modified: Thu, 27 Jan 2022 13:35:13 GMT
accept-ranges: bytes
date: Sun, 02 Oct 2022 07:24:31 GMT
etag: "61f29f91-125e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: UoiI3ooUw0m_Ry-PxGakx72tIgcWd2B2XuHdh-I6nvUFEEpoBZlMvA==
age: 58959
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv//tagimg/b15b35542e0e7e8e1bcc29beb61510e0.png
108.156.46.109200 OK 188 kB URL HTTP/2 2msoread-ww.amagi.tv//tagimg/b15b35542e0e7e8e1bcc29beb61510e0.png
IP 108.156.46.109:0
File type PNG image data, 736 x 151, 8-bit/color RGB, non-interlaced\012- data
Size 188 kB (188256 bytes)
Hash 338375899e9d1c09428a7181cbf2d1bf
f2144df5164db774959604f1b5f33e39f05465d1
fabb6fd23c848a4538bd1d8ac08f416f6fcdb6378f0b343b2c16c4d1cea25b3c
GET //tagimg/b15b35542e0e7e8e1bcc29beb61510e0.png HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 188256
server: nginx/1.19.6
last-modified: Fri, 24 Dec 2021 15:11:46 GMT
accept-ranges: bytes
date: Sun, 02 Oct 2022 10:00:35 GMT
etag: "61c5e332-2df60"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: _g43MjpNDQ7S7IOlhSVlOgL0vJtRtuIMEMjmO1m1IM0U4YHi30NhsA==
age: 49596
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv//tagimg/214fa605584c1552d079778dcb0388c0.jpeg
108.156.46.109200 OK 71 kB URL HTTP/2 2msoread-ww.amagi.tv//tagimg/214fa605584c1552d079778dcb0388c0.jpeg
IP 108.156.46.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x262, components 3\012- data
Hash 84e820ef2550861a62d99ebee0ceddb7
7a50858edb1bfff50f8b6c2fba95c314dcfff863
0bde0bca9c7aa9f6b2d8f42420a585879b057e225196b4d7c1db98e4f83edb60
GET //tagimg/214fa605584c1552d079778dcb0388c0.jpeg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 71212
server: nginx/1.19.6
last-modified: Mon, 12 Sep 2022 12:01:38 GMT
accept-ranges: bytes
date: Sun, 02 Oct 2022 12:07:34 GMT
etag: "631f1fa2-1162c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: FerIRSyvEQEiZ3Gcho2BCIXJyiSaKOaZ_HfXAVevdnX-jWgSIUOyIw==
age: 41977
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv/mediasfiles/2016/12/9/1481313947/ef0a7aaeb9b513c93750223b8e7e4108_XL_9b1joD9.article.jpg
108.156.46.109200 OK 12 kB URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/2016/12/9/1481313947/ef0a7aaeb9b513c93750223b8e7e4108_XL_9b1joD9.article.jpg
IP 108.156.46.109:0
Hash 6acad1740f5af18bbb196e970dc09eed
9fa8de394ddd5906d3b3f5f331bef9147f404d4c
73d54d3289c9715430049a0c64064eabc6d9b863209d0a6b6d5c88ed8ef94922
GET /mediasfiles/2016/12/9/1481313947/ef0a7aaeb9b513c93750223b8e7e4108_XL_9b1joD9.article.jpg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10149
server: nginx/1.19.6
last-modified: Fri, 09 Dec 2016 20:14:55 GMT
accept-ranges: bytes
date: Sun, 02 Oct 2022 16:30:07 GMT
etag: "584b10bf-27a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: No-r1-8QuPBA9ztwoneQU1hbORVubbtpdgpT0eCKBVVMTk02QAyVHA==
age: 26224
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv/mediasfiles/videos/images/2022/09/28/16643685702_4.png
108.156.46.109200 OK 378 kB URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/videos/images/2022/09/28/16643685702_4.png
IP 108.156.46.109:0
Size 378 kB (378284 bytes)
Hash 38ecc06ef8d8acb3de34871b0c9515ce
c8539d317ddf743d9506fc9f0d648822a6deb43e
b0bfb86e99e3ed8e1d174fa38ac20669bfc1e8fa939b1c37faf1710f7152c1bf
GET /mediasfiles/videos/images/2022/09/28/16643685702_4.png HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 374680
server: nginx/1.19.6
date: Sun, 02 Oct 2022 14:22:45 GMT
last-modified: Wed, 28 Sep 2022 12:36:10 GMT
etag: "63343fba-5b798"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: NpQdyosNheYVqQTR_4k9C-JCoRrnxNpyiJ87-4fwnNRa9v0rcXJ5eQ==
age: 33866
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv/mediasfiles/videos/images/2022/09/30/16645700168-5.png
108.156.46.109200 OK 352 kB URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/videos/images/2022/09/30/16645700168-5.png
IP 108.156.46.109:0
Size 352 kB (351980 bytes)
Hash 2040809d3053e9ba98edf3856662d4c2
b54538e968319c199cb38d9ac5dda8a95779e8f5
698b044c11b5872546e72c91621dac6df28284e72274fba08174e645dbddcbe7
GET /mediasfiles/videos/images/2022/09/30/16645700168-5.png HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 351796
server: nginx/1.19.6
date: Sun, 02 Oct 2022 20:00:18 GMT
last-modified: Fri, 30 Sep 2022 20:33:36 GMT
etag: "633752a0-55e34"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: OE84UDrkhoBkYWtckPg8iv7sSLOUH8U5jUEP2Pf1rP3PEL1gsysDRg==
age: 13613
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv/mediasfiles/images/2022/10/02/carre_1664727147devdenviron-85.000-euros.jpg
108.156.46.109200 OK 932 kB URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/images/2022/10/02/carre_1664727147devdenviron-85.000-euros.jpg
IP 108.156.46.109:0
Size 932 kB (931493 bytes)
Hash ca613fd2e0ac84ae51873eff9d478ed0
ebdd61fe5cf53fe6802f5c45072f64577469b490
17142cff4489ac4e5f64c03aa51de94ff5a744c416939b85e61866cdf36ef70c
GET /mediasfiles/images/2022/10/02/carre_1664727147devdenviron-85.000-euros.jpg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 931385
server: nginx/1.19.6
date: Sun, 02 Oct 2022 20:03:34 GMT
last-modified: Sun, 02 Oct 2022 16:12:27 GMT
etag: "6339b86b-e3639"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: Y35ViBruOwM84rApOSCWo4aiHR3PvorjF8oBHfvwWUt1_3ocP7UMjA==
age: 13417
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv//tagimg/fe1e93da07f5f24aa4086891a4a5ac95.jpeg
108.156.46.109200 OK 61 kB URL HTTP/2 2msoread-ww.amagi.tv//tagimg/fe1e93da07f5f24aa4086891a4a5ac95.jpeg
IP 108.156.46.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x261, components 3\012- data
Hash 08d2836eec496bfaf0d364bd57cb0c88
c4a99169de244064a3fbd65834b6cb4636abed67
398c5c6d8939d77d54a67c5b0835687d19839139298966b40d12cb284eccb811
GET //tagimg/fe1e93da07f5f24aa4086891a4a5ac95.jpeg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 60919
server: nginx/1.19.6
last-modified: Tue, 05 Apr 2022 11:40:50 GMT
accept-ranges: bytes
date: Sun, 02 Oct 2022 10:00:35 GMT
etag: "624c2ac2-edf7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: HTIqJaoLMVUBJ_SuYVmaFrfOiZTsLweGM4qSinK3FZOmX0j6FIkA_A==
age: 49596
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv//tagimg/ae661502f5b4f16794e36ed64be3264b.jpeg
108.156.46.109200 OK 76 kB URL HTTP/2 2msoread-ww.amagi.tv//tagimg/ae661502f5b4f16794e36ed64be3264b.jpeg
IP 108.156.46.109:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x262, components 3\012- data
Hash 8fd4b6bf91a67b8c715aa473b4d83252
e54e6f06a0132ff184b52d56c8774a17791dc64d
44cd6813edf6e377b8e205fe84d82c204316c38bb380530cee72611bbda55704
GET //tagimg/ae661502f5b4f16794e36ed64be3264b.jpeg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 75468
server: nginx/1.19.6
last-modified: Thu, 27 Jan 2022 16:47:46 GMT
accept-ranges: bytes
date: Sun, 02 Oct 2022 10:00:35 GMT
etag: "61f2ccb2-126cc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: oMyyc-BmaCon8kycJXO6WrUszOsxePd3dUn80DpoDuaflwxovwF0LA==
age: 49596
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv/mediasfiles/images/2022/09/30/slider_1664556722Mohammed-El-Guerrouj.jpg
108.156.46.109200 OK 2.1 MB URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/images/2022/09/30/slider_1664556722Mohammed-El-Guerrouj.jpg
IP 108.156.46.109:0
File type PNG image data, 1858 x 1045, 8-bit/color RGBA, non-interlaced\012- data
Size 2.1 MB (2079678 bytes)
Hash fd57b23dcf00d7d8ca14eb92df80d6b6
bb9290daca6993a14e48cfe6d76c0104fd9b5af5
8ff546c42d818ce674ba07cdc6d33e57531c2a3103cfc5f3ef06e87d20936ea4
GET /mediasfiles/images/2022/09/30/slider_1664556722Mohammed-El-Guerrouj.jpg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2079678
server: nginx/1.19.6
date: Sun, 02 Oct 2022 20:49:37 GMT
last-modified: Fri, 30 Sep 2022 16:52:02 GMT
etag: "63371eb2-1fbbbe"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: 5vCed1rUDqw2dlZ1YUPLncYa0rDIQcV5HbErzArdLt6apT8u9gJInQ==
age: 10654
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
216.137.34.194200 OK 4.3 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 216.137.34.194:0
Hash 8d9c7b41babe33204c2c5f793e562a9d
605ae4d632239976cc20d44df28e747fb6175e74
1c042ffb701ec4a16fc71d2dd2bc36eb23dc6f165fb66596bb00126f95d0f3d0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 23:47:12 GMT
Last-Modified: Sun, 02 Oct 2022 23:40:06 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 2eb19ccd40bc3ab33c9eed96d984c41e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P2
X-Amz-Cf-Id: heBKxGMOkt1-49FpG8jBBEtZ6qqU6zOAUNx0Jta783XwIvxhNenkkg==
Age: 426
2msoread-ww.amagi.tv/mediasfiles/images/2022/09/29/slider_16644766156BB5CFCC-6A1D-4D74-A679-1626F62F5785.jpeg
108.156.46.109200 OK 1.2 MB URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/images/2022/09/29/slider_16644766156BB5CFCC-6A1D-4D74-A679-1626F62F5785.jpeg
IP 108.156.46.109:0
File type PNG image data, 2048 x 1152, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1246431 bytes)
Hash fa53499e273d4df6f9e77b4c7a8278d3
855fb3cc1f205a075dd27331e93e33adccffbf48
fc037f61a3a1aea3d37335803f76fc740a876cccb6110dc285f74a9a3452ba4d
GET /mediasfiles/images/2022/09/29/slider_16644766156BB5CFCC-6A1D-4D74-A679-1626F62F5785.jpeg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1246431
server: nginx/1.19.6
date: Sun, 02 Oct 2022 20:49:37 GMT
last-modified: Thu, 29 Sep 2022 18:36:55 GMT
etag: "6335e5c7-1304df"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: ROsVeVluhDMyNuoRk414EQOLEuRvePG5WzTM7N3SBMcXjGRcMgJ_lw==
age: 10654
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 37d1a42615b110c64e9c9a3226a1bde8
e8fb05f619d0b2bc6b115cf4ecf5f84282a68ab0
451b36840ef09dbd087a28b2c68f1bbfa67c30885ffe31fe259bbd54d3f4dfe5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3804
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:12 GMT
Last-Modified: Sun, 02 Oct 2022 22:43:48 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 313
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f02cdf1aaa3a1574e9e349f7cc65483f
af02d1b1d59bb9d4807c16638c8e5303e9a76017
8e75b6d3be0ce79b40349774f97425a884bd632217b3ea7e69448f371518441b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 23:47:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 21:41:00 GMT
Expires: Sat, 08 Oct 2022 21:40:59 GMT
Etag: "af02d1b1d59bb9d4807c16638c8e5303e9a76017"
Cache-Control: max-age=510226,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75415264dd75b50c-OSL
www.habous.gov.ma/horaire%20de%20priere/icone-telechargement.png
51.178.93.105200 OK 3.0 kB URL HTTP/2 www.habous.gov.ma/horaire%20de%20priere/icone-telechargement.png
IP 51.178.93.105:0
File type PNG image data, 129 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 90ebf92a303aeb3f4b11c53355bf9a0a
313992b1f9bd97ff09a8bab6f17a760a2b5311f2
df924256ff0ea17d47ccf659775ffb98345e71ec06cc428a20b44127ad77d2ad
GET /horaire%20de%20priere/icone-telechargement.png HTTP/1.1
Host: www.habous.gov.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 23:47:12 GMT
content-type: image/png
content-length: 2995
last-modified: Sun, 02 Oct 2022 23:45:02 GMT
etag: "633a227e-bb3"
expires: Mon, 02 Oct 2023 23:47:12 GMT
pragma: public
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
54.68.88.222204 No Content 0 B URL HTTP/2 redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
IP 54.68.88.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x.png HTTP/1.1
Host: redirect.prod.experiment.routing.cloudfront.aws.a2z.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 02 Oct 2022 23:47:12 GMT
server: Server
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-G6GJSC0FFM>m=2oe9s0&_p=893044832&cid=1162316325.1664754430&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664754431&sct=1&seg=0&dl=https%3A%2F%2F2m.ma%2Far%2F&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&en=page_view&_fv=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-G6GJSC0FFM>m=2oe9s0&_p=893044832&cid=1162316325.1664754430&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664754431&sct=1&seg=0&dl=https%3A%2F%2F2m.ma%2Far%2F&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&en=page_view&_fv=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-G6GJSC0FFM>m=2oe9s0&_p=893044832&cid=1162316325.1664754430&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664754431&sct=1&seg=0&dl=https%3A%2F%2F2m.ma%2Far%2F&dt=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://2m.ma
date: Sun, 02 Oct 2022 23:47:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
syndication.twitter.com/settings?session_id=23637d5618c13f1e5e19288f02ffd5f7851621ac
104.244.42.200200 OK 323 B URL HTTP/2 syndication.twitter.com/settings?session_id=23637d5618c13f1e5e19288f02ffd5f7851621ac
IP 104.244.42.200:0
File type JSON data\012- , ASCII text, with very long lines (770), with no line terminators
Hash 136d5ac4ceb5e1973a889a7c7c44133c
b260cbd1eda60550f4b6d63d6ab7222a30101eaf
05a670a0c765e49d5e0d39031bdf7754493f0644e68cdf1c8ed5db2d0fc1730d
GET /settings?session_id=23637d5618c13f1e5e19288f02ffd5f7851621ac HTTP/1.1
Host: syndication.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://platform.twitter.com/
Origin: https://platform.twitter.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 23:47:12 GMT
perf: 7626143928
vary: Origin
server: tsa_o
content-type: application/json; charset=utf-8
cache-control: must-revalidate, max-age=600
last-modified: Sun, 02 Oct 2022 23:47:12 GMT
content-length: 323
content-encoding: gzip
x-transaction-id: 4904f0c44068a652
strict-transport-security: max-age=631138519
access-control-allow-origin: https://platform.twitter.com
access-control-allow-credentials: true
x-response-time: 115
x-connection-hash: 44566ba826ac413575e16bbdddeae3aaff61b1f36c91dc58a6a8f92a443602d0
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=2m.ma
142.250.74.98200 OK 9.0 kB URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=2m.ma
IP 142.250.74.98:0
Hash a9a51b0ddca70444589d42ceaba2eb8d
1c95a27cabdeeccb3f3ed7bfab130db48f919dce
dc8eaad6a8479f7505b1f9763484cc08add1dd1a61f413b233115483b811cd2b
GET /adsid/integrator.js?domain=2m.ma HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 23:47:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=2m.ma
142.250.74.162200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=2m.ma
IP 142.250.74.162:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=2m.ma HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 23:47:13 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4624
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:13 GMT
Last-Modified: Sun, 02 Oct 2022 22:30:09 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
31.13.72.12200 OK 3.9 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
Hash 7e40660a847fce86d9caa2e4b9255761
42c6132e9a805db0e03e0dede2d8c16bb17741d3
c9b38e388de558a1bede98352bd313040571e6d16a79bde442ec1c0913875432
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 89eeabfac2cbc423a1184a1f1e12b4c3
etag: "9edcc5203e1eec68ef4e64ab16f1dbc7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 02 Oct 2022 23:56:52 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: JR2brbU6S/6elvj1SutmMA==
x-fb-debug: Gl2H7I1uM4FnS3ZjFlytzMyE9h3Hpvyyn51j8V9GFqupRFt4Z09kNyi9y3yFuGdBv/h6SSauRCgMKe60wk3a7A==
content-length: 1684
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 23:47:13 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
certify.alexametrics.com/atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&time=1664754431284&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2F2m.ma%2Far%2F&random_number=6464470986&sess_cookie=82747a711839b18b532c741d049&sess_cookie_flag=1&user_cookie=82747a711839b18b532c741d049&user_cookie_flag=1&dynamic=true&domain=2m.ma&account=EoMPn1QolK10mh&jsv=20130128&user_lang=en-US
108.156.28.34200 OK 43 B URL HTTP/1.1 certify.alexametrics.com/atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&time=1664754431284&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2F2m.ma%2Far%2F&random_number=6464470986&sess_cookie=82747a711839b18b532c741d049&sess_cookie_flag=1&user_cookie=82747a711839b18b532c741d049&user_cookie_flag=1&dynamic=true&domain=2m.ma&account=EoMPn1QolK10mh&jsv=20130128&user_lang=en-US
IP 108.156.28.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /atrk.gif?frame_height=939&frame_width=1280&iframe=0&title=2M%20-%20%D8%A7%D9%84%D8%B1%D8%A6%D9%8A%D8%B3%D9%8A%D8%A9&time=1664754431284&time_zone_offset=0&screen_params=1280x1024x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2F2m.ma%2Far%2F&random_number=6464470986&sess_cookie=82747a711839b18b532c741d049&sess_cookie_flag=1&user_cookie=82747a711839b18b532c741d049&user_cookie_flag=1&dynamic=true&domain=2m.ma&account=EoMPn1QolK10mh&jsv=20130128&user_lang=en-US HTTP/1.1
Host: certify.alexametrics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
x-amz-meta-alexa-last-modified: 20110117123941
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 02 Oct 2022 03:20:50 GMT
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Via: 1.1 c58391b07051938ceda6615614fbabb0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P1
X-Amz-Cf-Id: jUa0JI_HSOW3vw-GPLwl44aUXnjdlhpk0oTK5EcQ-ITiMQQOICgPGw==
Age: 73584
pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env
142.250.74.34200 OK 11 kB URL HTTP/2 pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env
IP 142.250.74.34:0
File type JSON data\012- , ASCII text, with very long lines (14637), with no line terminators
Hash cd1ad65895786c06099756960cd8264a
f3f57d53635a69dc48240114bc5f063d101fdf27
583fd02ee2079faa0ab6c9566d7cfecc1042cbc0acf783cba6a75b6df45c4326
GET /getconfig/sodar?sv=200&tid=gpt&tv=2022092701&st=env HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-type: application/json; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 23:47:13 GMT
server: cafe
cache-control: private
content-length: 11113
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ead9e582a63a12c3f76d31889443607b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
142.250.74.65200 OK 8.0 kB URL HTTP/2 ead9e582a63a12c3f76d31889443607b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
IP 142.250.74.65:0
Hash 47534e6a1d9b2e5013f82750dc9ced3d
1e8e17930a402e0e88885cd83fb630eb7357a0ec
439fae405e57565b78822de2c8b29013a508fbe5498bfd52079e1c18dee7e30f
GET /safeframe/1-0-38/html/container.html HTTP/1.1
Host: ead9e582a63a12c3f76d31889443607b.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 02 Oct 2022 23:47:13 GMT
expires: Mon, 02 Oct 2023 23:47:13 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4624
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:13 GMT
Last-Modified: Sun, 02 Oct 2022 22:30:09 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
c.clarity.ms/c.gif
20.234.93.27302 Found 0 B IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.bing.com/c.gif?CtsSyncId=C0A5C8EAA97F4098A7AC486C566B91AA&RedC=c.clarity.ms&MXFR=0105594321E264BF23984B7225E26A63
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SM=T; domain=c.clarity.ms; path=/; SameSite=None; Secure;
MUID=0105594321E264BF23984B7225E26A63; domain=.clarity.ms; expires=Fri, 27-Oct-2023 23:47:13 GMT; path=/; SameSite=None; Secure; Priority=High;
date: Sun, 02 Oct 2022 23:47:12 GMT
content-length: 0
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=ee99f8d9aa1fbf99da4907a7fec1f72c
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=ee99f8d9aa1fbf99da4907a7fec1f72c
IP 31.13.72.12:0
File type ASCII text, with very long lines (13192)
Hash 3fc7850b99f2f79e4c118430259cf102
30cdf1329d9d001fe3ed5f9366d3827afbbe9d77
2ef86e8f1d5400c73d45101bbb1e13c02bc2ca6fc7d9b22dfc67d45c4851b205
GET /en_US/sdk.js?hash=ee99f8d9aa1fbf99da4907a7fec1f72c HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 27e0cf0707b466f6b906d954d01fc27a
etag: "a4713b170bfdf15ecd7c4540874bddfd"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 02 Oct 2023 23:20:24 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: P8eFC5ny955MEYQwJZzxAg==
x-fb-debug: OcXLOa3JYVGgDGsdp/CMeabSXecy3tH90tXwuEDO3P2jfjUTzuctwmARgx5K1h0pwr8Av8SoMeyHz/M8z6RNZg==
priority: u=3,i
content-length: 86932
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 23:47:13 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fb52d91ef821fa976d93510f1f1be11e
139e9f578346acfdee8276831c3fa1946fb917a0
411a9160de93abacf184321c47c19aa9bbb3cbe43b52e4e7c930fee26b3ff21f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 23:47:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c.bing.com/c.gif?CtsSyncId=C0A5C8EAA97F4098A7AC486C566B91AA&RedC=c.clarity.ms&MXFR=0105594321E264BF23984B7225E26A63
13.107.21.200302 Found 0 B URL HTTP/2 c.bing.com/c.gif?CtsSyncId=C0A5C8EAA97F4098A7AC486C566B91AA&RedC=c.clarity.ms&MXFR=0105594321E264BF23984B7225E26A63
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c.gif?CtsSyncId=C0A5C8EAA97F4098A7AC486C566B91AA&RedC=c.clarity.ms&MXFR=0105594321E264BF23984B7225E26A63 HTTP/1.1
Host: c.bing.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2m.ma/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
location: https://c.clarity.ms/c.gif?CtsSyncId=C0A5C8EAA97F4098A7AC486C566B91AA&MUID=351895D066F069200B9B87E1670568AC
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: SRM_B=351895D066F069200B9B87E1670568AC; domain=c.bing.com; expires=Fri, 27-Oct-2023 23:47:13 GMT; path=/; SameSite=None; Secure;
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B64991ED3679413F92EA7CB86F66ACD1 Ref B: OSL30EDGE0215 Ref C: 2022-10-02T23:47:13Z
date: Sun, 02 Oct 2022 23:47:13 GMT
content-length: 0
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 02 Oct 2022 23:47:13 GMT
expires: Sun, 02 Oct 2022 23:47:13 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
142.250.74.33200 OK 1.4 kB URL HTTP/2 tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1120)
Hash 80cd5cb3c635786273462df0f5f46e1a
419d5c86598430982672063ef04bb4966c94b9e8
f7f4c535ed4b9713150261c1c37ad1c2a883d08aef0ed2d6ce38736dd28d7301
GET /pagead/js/r20220928/r20110914/client/window_focus_fy2021.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1359
x-xss-protection: 0
date: Sun, 02 Oct 2022 23:43:33 GMT
expires: Sun, 16 Oct 2022 23:43:33 GMT
cache-control: public, max-age=1209600
etag: 1484984001845508991
content-type: text/javascript; charset=UTF-8
age: 220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.clarity.ms/eus2/s/0.6.42/clarity.js
13.107.227.53200 OK 23 kB URL HTTP/2 www.clarity.ms/eus2/s/0.6.42/clarity.js
IP 13.107.227.53:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (54141)
Hash f016daac053b80575e11e20b6644142b
bc23277b8eae567b77c3dfc3f03b91fb054feda7
ee91529c076bf5e87a26b3c045e0b6e63326e6aa871dafea1c1509f73454123d
GET /eus2/s/0.6.42/clarity.js HTTP/1.1
Host: www.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: public,max-age=86400
content-type: application/javascript;charset=utf-8
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
accept-ranges: bytes
etag: "1d8d4495324d7d4"
vary: Accept-Encoding
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0ASM6YwAAAADEcbFcrki1Q4m/zp4LwzDhT1NMMjMxMDUwMjA1MDI5ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
date: Sun, 02 Oct 2022 23:47:12 GMT
X-Firefox-Spdy: h2
c.clarity.ms/c.gif?CtsSyncId=C0A5C8EAA97F4098A7AC486C566B91AA&MUID=351895D066F069200B9B87E1670568AC
20.234.93.27200 OK 42 B URL HTTP/2 c.clarity.ms/c.gif?CtsSyncId=C0A5C8EAA97F4098A7AC486C566B91AA&MUID=351895D066F069200B9B87E1670568AC
IP 20.234.93.27:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 32023bb33cfb2a1990a4ef2d85b6ac16
23dcc6d4b5bfe00357fd0248bb5955b8e36bb8f1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
GET /c.gif?CtsSyncId=C0A5C8EAA97F4098A7AC486C566B91AA&MUID=351895D066F069200B9B87E1670568AC HTTP/1.1
Host: c.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2m.ma/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
content-type: image/gif
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
accept-ranges: bytes
etag: "8d3298b0aac7d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
set-cookie: ANONCHK=0; domain=c.clarity.ms; expires=Sun, 02-Oct-2022 23:57:13 GMT; path=/; SameSite=None; Secure;
date: Sun, 02 Oct 2022 23:47:13 GMT
content-length: 42
X-Firefox-Spdy: h2
tpc.googlesyndication.com/simgad/16302755861486666982
142.250.74.33200 OK 152 kB URL HTTP/2 tpc.googlesyndication.com/simgad/16302755861486666982
IP 142.250.74.33:0
File type GIF image data, version 89a, 970 x 250\012- data
Size 152 kB (152157 bytes)
Hash 48045247a5d50b3adb32c356a08b09f9
fd51f1932e41986bb776fd13dae78da4fb0313d7
3856e65f45cd244daf87dbed2c8a5b698caa6a0c60f524a974695fc29b7973b9
GET /simgad/16302755861486666982 HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
content-length: 152157
x-content-type-options: nosniff
x-dns-prefetch-control: off
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 07:08:21 GMT
expires: Sun, 01 Oct 2023 07:08:21 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 22 Sep 2022 14:43:13 GMT
content-type: image/gif
age: 146332
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=743692125982251&ev=fb_page_view&dl=https%3A%2F%2F2m.ma%2Far%2F&rl=&if=false&ts=1664754433262&sw=1280&sh=1024&at=
31.13.72.36200 OK 25 B URL HTTP/2 www.facebook.com/tr/?id=743692125982251&ev=fb_page_view&dl=https%3A%2F%2F2m.ma%2Far%2F&rl=&if=false&ts=1664754433262&sw=1280&sh=1024&at=
IP 31.13.72.36:0
Hash b8f5efe8dd460ea4c368a26470dc0593
287cd8f27a4a3abcb72a398ea1ba42ee0d181b2f
11ae0cb9db365aaa9503d5d18657d0bce5ea16d24a1cd24959d304b79e3a9f44
GET /tr/?id=743692125982251&ev=fb_page_view&dl=https%3A%2F%2F2m.ma%2Far%2F&rl=&if=false&ts=1664754433262&sw=1280&sh=1024&at= HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 02 Oct 2022 23:47:13 GMT
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUZry22Woz-sTt9pXuUTUB9hWmMM1I4v6WWAxqw9vsMw89dwOK0eFOTA1ThewuPDzdpwt8R2JQBOME0-b-mACLYzuf0gs7vCX6foNYrbNFH6GxfnjFV8mZpJN0xOeD5tYPobsyI5xlDl5d7EoXa596YvqDy2CUm-PeeVd_8VRWvGeWGnhHEJzYhB3Dfz2YAkpNPVwp_7QFQB2jzkve1JNYfKlOyuPvR-B11SZ9nnp_kVh1bUpBqpDo19gRUx5IPeZPn7fBzGMQCpJmX0g83xHeux2Pr5woUhHub_J_W03XXStDlkDUEmXf7so&sai=AMfl-YShwa9Qbr3_Aq3qpnnlR6wEe_mfYnAZ2Th3Who1mXZ6cUK40NJacgah5wGMZRVTq9A0ZS878HiTmoYyal2AfvB1Y9CZOmQdrRhqKzuyodg7eD4vgWDdBZpzTWCXzPY4gEK1wA&sig=Cg0ArKJSzFvnrDW0r_exEAE&uach_m=[UACH]&adurl=
216.58.207.194200 OK 0 B URL HTTP/2 securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUZry22Woz-sTt9pXuUTUB9hWmMM1I4v6WWAxqw9vsMw89dwOK0eFOTA1ThewuPDzdpwt8R2JQBOME0-b-mACLYzuf0gs7vCX6foNYrbNFH6GxfnjFV8mZpJN0xOeD5tYPobsyI5xlDl5d7EoXa596YvqDy2CUm-PeeVd_8VRWvGeWGnhHEJzYhB3Dfz2YAkpNPVwp_7QFQB2jzkve1JNYfKlOyuPvR-B11SZ9nnp_kVh1bUpBqpDo19gRUx5IPeZPn7fBzGMQCpJmX0g83xHeux2Pr5woUhHub_J_W03XXStDlkDUEmXf7so&sai=AMfl-YShwa9Qbr3_Aq3qpnnlR6wEe_mfYnAZ2Th3Who1mXZ6cUK40NJacgah5wGMZRVTq9A0ZS878HiTmoYyal2AfvB1Y9CZOmQdrRhqKzuyodg7eD4vgWDdBZpzTWCXzPY4gEK1wA&sig=Cg0ArKJSzFvnrDW0r_exEAE&uach_m=[UACH]&adurl=
IP 216.58.207.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pcs/view?xai=AKAOjssUZry22Woz-sTt9pXuUTUB9hWmMM1I4v6WWAxqw9vsMw89dwOK0eFOTA1ThewuPDzdpwt8R2JQBOME0-b-mACLYzuf0gs7vCX6foNYrbNFH6GxfnjFV8mZpJN0xOeD5tYPobsyI5xlDl5d7EoXa596YvqDy2CUm-PeeVd_8VRWvGeWGnhHEJzYhB3Dfz2YAkpNPVwp_7QFQB2jzkve1JNYfKlOyuPvR-B11SZ9nnp_kVh1bUpBqpDo19gRUx5IPeZPn7fBzGMQCpJmX0g83xHeux2Pr5woUhHub_J_W03XXStDlkDUEmXf7so&sai=AMfl-YShwa9Qbr3_Aq3qpnnlR6wEe_mfYnAZ2Th3Who1mXZ6cUK40NJacgah5wGMZRVTq9A0ZS878HiTmoYyal2AfvB1Y9CZOmQdrRhqKzuyodg7eD4vgWDdBZpzTWCXzPY4gEK1wA&sig=Cg0ArKJSzFvnrDW0r_exEAE&uach_m=[UACH]&adurl= HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2m.ma/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cache-control: private
access-control-allow-origin: *
content-type: image/gif
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 23:47:13 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 03-Oct-2022 00:02:13 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 Oct 2022 23:47:13 GMT
X-Firefox-Spdy: h2
www.facebook.com/x/oauth/status?client_id=743692125982251&input_token&origin=1&redirect_uri=https%3A%2F%2F2m.ma%2Far%2F&sdk=joey&wants_cookie_data=true
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/x/oauth/status?client_id=743692125982251&input_token&origin=1&redirect_uri=https%3A%2F%2F2m.ma%2Far%2F&sdk=joey&wants_cookie_data=true
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /x/oauth/status?client_id=743692125982251&input_token&origin=1&redirect_uri=https%3A%2F%2F2m.ma%2Far%2F&sdk=joey&wants_cookie_data=true HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://2m.ma/
Origin: https://2m.ma
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
access-control-expose-headers: fb-s
access-control-allow-credentials: true
access-control-allow-origin: https://2m.ma
fb-s: unknown
x-fb-rlafr: 0
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
document-policy: force-load-at-top
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
x-fb-debug: kelP8NdWOE3UD5CPKN9j/zXHVii196M0MO6yP3FdQG/r4nix/Q9+lxCdV1ZTLP2mryzFfcRds8f6Pg9kwt9dJw==
content-length: 0
date: Sun, 02 Oct 2022 23:47:13 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1386
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://2m.ma
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 02 Oct 2022 23:47:13 GMT
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 616441
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://2m.ma
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 02 Oct 2022 23:47:13 GMT
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=2m.ma
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=2m.ma
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=2m.ma HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 02 Oct 2022 23:47:16 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
b.clarity.ms/collect
20.75.32.255204 No Content 0 B IP 20.75.32.255:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collect HTTP/1.1
Host: b.clarity.ms
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 23896
Origin: https://2m.ma
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
access-control-allow-origin: https://2m.ma
access-control-allow-credentials: true
x-powered-by: ASP.NET
date: Sun, 02 Oct 2022 23:47:15 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap
IP 142.250.74.10:0
GET /css2?family=Roboto:wght@400;700&family=Tajawal:wght@300;400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 23:47:09 GMT
date: Sun, 02 Oct 2022 23:47:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
2msoread-ww.amagi.tv/mediasfiles/images/2022/09/30/carre_1664527163YAZAKI-K%C3%A9nitra.jpg
108.156.46.109200 OK 0 B URL HTTP/2 2msoread-ww.amagi.tv/mediasfiles/images/2022/09/30/carre_1664527163YAZAKI-K%C3%A9nitra.jpg
IP 108.156.46.109:0
GET /mediasfiles/images/2022/09/30/carre_1664527163YAZAKI-K%C3%A9nitra.jpg HTTP/1.1
Host: 2msoread-ww.amagi.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2m.ma/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 1570410
server: nginx/1.19.6
date: Sun, 02 Oct 2022 19:16:18 GMT
last-modified: Fri, 30 Sep 2022 08:39:23 GMT
etag: "6336ab3b-17f66a"
accept-ranges: bytes
x-cache: Hit from cloudfront
via: 1.1 ecb81e1ddb3e9c0e95ccd92ba71aedc4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P2
x-amz-cf-id: hiSa3jx3QzoEMHKBA_fqBCVcgFuGGpOSFh6jxNj0H3i2C3MbP3G1GA==
age: 16253
X-Firefox-Spdy: h2
2m.ma/
104.20.13.136302 Found 0 B IP 104.20.13.136:0
GET / HTTP/1.1
Host: 2m.ma
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Sun, 02 Oct 2022 23:47:09 GMT
location: /ar/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qM1srRc8O9FkkkJx4p%2Byrx1hirYAa9LJXBSSr2AVPQa2lpOSRMZ4IFiKVeKiJOYaAQ5%2B2krd3QLRi1UpNOTyThFrmdTp6sen8oqZnHv3mK3FNfd6JAdpTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7541524fcc9db511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2