frontier9.net Open in urlscan Pro
183.90.240.6 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://t.m1.email.samsung.com/r/?id=hdbbbab32,71b0ad58,6b55baa5&p1=biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Effective URL:
https://frontier9.net/login/ws1.php
Submission: On December 29 via manual (December 29th 2021, 11:25:57 am UTC) from IN — Scanned from DE

Summary HTTP 94 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 7 countries across 13 domains to perform 94 HTTP transactions. The main IP is 183.90.240.6, located in Japan and belongs to XSERVER Xserver Inc., JP. The main domain is frontier9.net.
TLS certificate: Issued by R3 on November 24th 2021. Valid for: 3 months.

This is the only time frontier9.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer) Maaden (Extraction)

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.248.73.173 3.248.73.173	16509 (AMAZON-02) (AMAZON-02)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
16	152.199.23.37 152.199.23.37	15133 (EDGECAST) (EDGECAST)
3	40.126.31.1 40.126.31.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	112.140.180.26 112.140.180.26	45638 (SYNERGYWH...) (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD)
3 6	183.90.240.6 183.90.240.6	131965 (XSERVER X...) (XSERVER Xserver Inc.)
24	95.177.161.119 95.177.161.119	201771 (ITCC-CLOUD) (ITCC-CLOUD)
7	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
9	2001:ad0:1000... 2001:ad0:1000:1004::149	3327 (CITIC CIT...) (CITIC CITIC Telecom CPC Netherlands B.V.)
1 2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
24	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	() ()
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	() ()
1	2606:2800:233... 2606:2800:233:8173:898f:63b3:95c3:79d2	() ()
1	2a00:1450:400... 2a00:1450:4001:810::2003	() ()
94	15

1 3.248.73.173 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-73-173.eu-west-1.compute.amazonaws.com

t.m1.email.samsung.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

biannualreport.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 152.199.23.37 (United States)

ASN15133 (EDGECAST, US)

aadcdn.msftauth.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 40.126.31.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

login.live.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.140.180.26 (Sydney, Australia) 1 redirects

ASN45638 (SYNERGYWHOLESALE-AP SYNERGY WHOLESALE PTY LTD, AU)
PTR: c7s4-3m-syd.hosting-services.net.au

themoo.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 183.90.240.6 (Japan) 3 redirects

ASN131965 (XSERVER Xserver Inc., JP)
PTR: sv2205.xserver.jp

frontier9.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 95.177.161.119 (Riyadh, Saudi Arabia)

ASN201771 (ITCC-CLOUD, SA)
PTR: www.maaden.com.sa

www.maaden.com.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2001:ad0:1000:1004::149 (Netherlands)

ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL)

tools.eurolandir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States) 1 redirects

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2606:2800:134:1a0d:1429:742:782:b6 (None, )

ASN- ()

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (None, )

ASN- ()

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:8173:898f:63b3:95c3:79d2 (None, )

ASN- ()

abs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	twimg.com cdn.syndication.twimg.com abs.twimg.com pbs.twimg.com	232 KB
24	maaden.com.sa www.maaden.com.sa	1 MB
16	msftauth.net aadcdn.msftauth.net	290 KB
9	eurolandir.com tools.eurolandir.com	157 KB
9	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	214 KB
6	frontier9.net 3 redirects frontier9.net	44 KB
3	live.com login.live.com	2 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	35 KB
1	gstatic.com fonts.gstatic.com	44 KB
1	themoo.com.au 1 redirects themoo.com.au	327 B
1	web.app biannualreport.web.app	9 KB
1	samsung.com 1 redirects t.m1.email.samsung.com	511 B
94	13

	Domain	Requested by
24	www.maaden.com.sa	frontier9.net www.maaden.com.sa
23	pbs.twimg.com	www.maaden.com.sa
16	aadcdn.msftauth.net	biannualreport.web.app frontier9.net
9	tools.eurolandir.com	www.maaden.com.sa tools.eurolandir.com
7	platform.twitter.com	www.maaden.com.sa platform.twitter.com
6	frontier9.net	3 redirects biannualreport.web.app frontier9.net
3	login.live.com	biannualreport.web.app frontier9.net
2	www.google-analytics.com	tools.eurolandir.com
2	syndication.twitter.com	1 redirects platform.twitter.com
1	fonts.gstatic.com	fonts.googleapis.com
1	abs.twimg.com	www.maaden.com.sa
1	fonts.googleapis.com	tools.eurolandir.com
1	cdn.syndication.twimg.com	platform.twitter.com
1	ajax.googleapis.com	www.maaden.com.sa
1	themoo.com.au	1 redirects
1	biannualreport.web.app
1	t.m1.email.samsung.com	1 redirects
94	17

This site contains links to these domains. Also see Links.

Domain
passwordreset.maaden.com.sa
www.maaden.com.sa
privacy.maaden.com.sa

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2021-12-02` - `2022-03-02`	3 months	crt.sh
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA	`2021-05-13` - `2022-05-13`	a year	crt.sh
graph.windows.net DigiCert SHA2 Secure Server CA	`2021-11-25` - `2022-11-25`	a year	crt.sh
www.frontier9.net R3	`2021-11-24` - `2022-02-22`	3 months	crt.sh
*.maaden.com.sa DigiCert TLS RSA SHA256 2020 CA1	`2021-11-12` - `2022-12-13`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.eurolandir.com GlobeSSL DV CA	`2021-12-17` - `2023-01-02`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://frontier9.net/login/ws1.php
Frame ID: 1C781F0AA94904A55F037E6F770206AD
Requests: 22 HTTP requests in this frame

Frame: https://login.live.com/Me.htm?v=3
Frame ID: D2A481D40BE6000FF6F5F8340F9D2973
Requests: 1 HTTP requests in this frame

Frame: https://www.maaden.com.sa/
Frame ID: E1BC8D54DA86FE952FEC5A6C5F72368F
Requests: 32 HTTP requests in this frame

Frame: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb
Frame ID: 0F3066705963DFFEEB1789595E146CCF
Requests: 13 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.maaden.com.sa
Frame ID: 3A8749EE3DE7AB7AFE1824C15696EE30
Requests: 2 HTTP requests in this frame

Frame: https://abs.twimg.com/emoji/v2/72x72/1f538.png
Frame ID: C4ACBF5EE9B68D882056561B24F2E522
Requests: 31 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 0C6DB60D05ACEEEEE7CE9D7BD23BF7B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign in to your account

Page URL History Show full URLs

http://t.m1.email.samsung.com/r/?id=hdbbbab32,71b0ad58,6b55baa5&p1=biannualreport.web.app/sudairikq0Hmaad9... HTTP 302
https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa Page URL
https://themoo.com.au/ssl.php?url=https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa HTTP 302
https://frontier9.net/login/?client-request-id=c3VkYWlyaWtAbWFhZGVuLmNvbS5zYQ== HTTP 302
https://frontier9.net/login/ws1.php Page URL

Detected technologies

Chart.js (JavaScript Graphics) Expand

Overall confidence: 75%
Detected patterns

/Chart(?:\.bundle)?(?:\.min)?\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

94
Requests

99 %
HTTPS

56 %
IPv6

13
Domains

17
Subdomains

15
IPs

7
Countries

2456 kB
Transfer

3812 kB
Size

5
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://passwordreset.maaden.com.sa/?ru=https%3a%2f%2flogin.maaden.com.saonline.com%2fcommon%2freprocess%3fctx%3drQIIAYWSv4vTcADFL-1dPY8Tzx-DLnKDiChp02_SpDl0yF166a98c23SJulS0uSbNmnSpGnapP0LxMnJwdFFPATBSZycHG5yFMHNSRBEEHTzTmdxebzHe9v7bG3S-SLIF_PEnSzIE3s3KYYuUVRpgJPApHGKHRB4mUQ0XrRY8rQCDG0a0eWtHaq6-fXljU_Ss9eff-y01P1jbHcUx-Fsr1BIkiQf2LZjorwZ-AXPmFjOZLgArzHsPYY9yWygCS7sH2dmNMkwJAAliiwTDEvTpWJeUvRU9ztFyJuxqPQcKBOEqJigqXie6OuxrnZKcNXzoNob6ash1VNrJegOV9BvxaIrUmd76I7Tplr3ocvFPaHuQsUaQ78DdKW1-pi5KHHzeATOJIicFfqeOW8Hkd8Pg1n8JPs4c1iWhRKhd5whstvVpDpezniLIpYTq12PqvWIKkrNJXJSN6yFdaJBBSnPjec1R66wugX1AV_Zb_Gy7A_EZpqQLSJkDQg4wzA4ekmO-1L3QMSbqE-X7Vjcnx6VbXnO6D53gJhZb1Ki8Kk-lQ8r847L0I62MAyxpQk4VMfpKB7hDGshW2XkFLXiMOQVEjCeN1i27cZS6S2a8dwRovaBWhZDrSXhAjPQZCGelvVJJ5hqyXCGmkdkfW6wKy6VTbzBm0lVdVduOGjXu00IEMdVuKQBJAPZ1livVUWUBjVmeJQcZ6__494FeJXNnRo_mJxkmSBEE8faDaPAdjz0LyQWoCD9SdXAR3nO896vY1_WtzdzO9vXsN2121eJjZ_r2NONU84-3H147_6vF9Xnq3eNtzu31k42ClSZZfheJeh2hnItEjSO9WtS1OW7wlyFsSaPZodQG9jaoUHcp_aKj3LYo1zuJHepxvdhRZEVDvJcmwd94lsOe3Bu7c35_5L7cfvK1tbc6XuBaXhodvkvwW8vrP0G0&mkt=en-GB&hosted=0&device_platform=macOS
Title: Forgotten my password

Search URL Search Domain Scan URL

URL: https://www.maaden.com.sa/en-GB/servicesagreement/
Title: Terms of use

Search URL Search Domain Scan URL

URL: https://privacy.maaden.com.sa/en-GB/privacystatement
Title: Privacy & cookies

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://t.m1.email.samsung.com/r/?id=hdbbbab32,71b0ad58,6b55baa5&p1=biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa HTTP 302
https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa Page URL
https://themoo.com.au/ssl.php?url=https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa HTTP 302
https://frontier9.net/login/?client-request-id=c3VkYWlyaWtAbWFhZGVuLmNvbS5zYQ== HTTP 302
https://frontier9.net/login/ws1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://t.m1.email.samsung.com/r/?id=hdbbbab32,71b0ad58,6b55baa5&p1=biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa HTTP 302
https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa

Request Chain 22

https://frontier9.net/login/); HTTP 301
https://frontier9.net/login/ HTTP 302
https://frontier9.net/login/ws1.php

Request Chain 100

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

94 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa Show response
biannualreport.web.app/
Redirect Chain

http://t.m1.email.samsung.com/r/?id=hdbbbab32,71b0ad58,6b55baa5&p1=biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa

29 KB
9 KB

501ms
161ms

Document
text/html

2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4a4852ed5fd5c51a616f8f3e010b0c0062fed16235d896ada293cb67cb683f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
etag: "d7e908de66975eb55336810f5c932d2a9ae250e86bcd4a0d6fb97aa675701952"
last-modified: Tue, 28 Dec 2021 11:15:51 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Wed, 29 Dec 2021 11:25:51 GMT
x-served-by: cache-del21744-DEL
x-cache: HIT
x-cache-hits: 1
x-timer: S1640777152.604481,VS0,VE0
vary: x-fh-requested-host, accept-encoding
content-length: 9335

Redirect headers

Content-Type: text/plain; charset=utf-8
Date: Wed, 29 Dec 2021 11:25:51 GMT
Location: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
P3P: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
Server: Apache
X-Robots-Tag: noindex
Content-Length: 17
Connection: keep-alive

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 108 KB
20 KB 52ms
25ms Stylesheet
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: 8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11

Request headers

Referer: https://biannualreport.web.app/
Origin: https://biannualreport.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:51 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 7499325
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 459 KB
126 KB 36ms
8ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/ConvergedLogin_PCore_a6PeIgafSneuouox-qU5OA2.js
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FBF) /
Resource Hash: ce768e83be373f5303ce3117cba6e60874a328c5fb740fb4dbc14989105e0a0d

Request headers

Referer: https://biannualreport.web.app/
Origin: https://biannualreport.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:51 GMT
content-encoding: gzip
content-md5: e+GEpArZIh9idGnWSOj0zg==
age: 4474777
x-cache: HIT
content-length: 128665
x-ms-lease-status: unlocked
last-modified: Thu, 04 Nov 2021 21:02:14 GMT
server: ECAcc (frc/8FBF)
etag: 0x8D99FD6608B3F3E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9719d12f-b01e-0053-38f4-d36e6f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js Show response
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 42 KB
12 KB 51ms
24ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash: a423ac7e2310bc44a1defeb1f6df180cab8a59442e7f41d093f21649fcc86e69

Request headers

Referer: https://biannualreport.web.app/
Origin: https://biannualreport.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:51 GMT
content-encoding: gzip
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
age: 5686334
x-cache: HIT
content-length: 12608
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D992B5E417004E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6044ad75-801e-004b-7fef-c8f668000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 oneDs_472fa3a12b65cf387ccd.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/ 78 KB
26 KB 37ms
10ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/oneDs_472fa3a12b65cf387ccd.js
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1F) /
Resource Hash: 235b558b77ab36f63c1439a68ac2410aaf8f42f7b9c93c0bfdc9af662abab8b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://biannualreport.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:51 GMT
content-encoding: gzip
content-md5: xAmVJ4UrtXATagLD0tDXoQ==
age: 5686089
x-cache: HIT
content-length: 26117
x-ms-lease-status: unlocked
last-modified: Thu, 21 Oct 2021 01:02:25 GMT
server: ECAcc (frc/8F1F)
etag: 0x8D9942E72241B02
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5b0f795e-f01e-0076-44ef-c8059f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
5 KB 43ms
16ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_12dabd9245715d165757.js
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FDD) /
Resource Hash: 2b3df4d53882fba74216d365e7344c782145f2faf8e08a2d69c548f5fbc7fbf5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://biannualreport.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:51 GMT
content-encoding: gzip
content-md5: +lZRrDLGp8Gp/hURw2aXyQ==
age: 1775884
x-cache: HIT
content-length: 5386
x-ms-lease-status: unlocked
last-modified: Thu, 04 Nov 2021 21:02:05 GMT
server: ECAcc (frc/8FDD)
etag: 0x8D99FD65BAB30A3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c9af81e9-f01e-0057-3980-ec85c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 4 KB
2 KB 8ms
7ms Image
image/svg+xml 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9E) /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://biannualreport.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:51 GMT
content-encoding: gzip
content-md5: nzaLxFgP7ZB3dfMcaybWzw==
age: 20930602
x-cache: HIT
content-length: 1435
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (frc/8E9E)
etag: 0x8D79A1B9F5E121A
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 0c55977d-f01e-0098-2849-3ebec7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 209ms
102ms Other
text/html 40.126.31.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.31.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://biannualreport.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
20 KB 8ms
7ms Other
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://biannualreport.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:51 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 7499325
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
12 KB 9ms
9ms Other
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://biannualreport.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:51 GMT
content-encoding: gzip
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
age: 5686334
x-cache: HIT
content-length: 12608
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D992B5E417004E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6044ad75-801e-004b-7fef-c8f668000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ Frame D2A4 2 KB
2 KB 185ms
108ms Document
text/html 40.126.31.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://login.live.com/Me.htm?v=3

Requested by

Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.126.31.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://biannualreport.web.app/

Response headers

Cache-Control: max-age=315360000
Content-Type: text/html; charset=utf-8
Content-Encoding: deflate
Expires: Sat, 27 Dec 2031 11:25:51 GMT
Vary: Accept-Encoding
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Referrer-Policy: strict-origin-when-cross-origin
x-ms-route-info: R3_BL2
x-ms-request-id: 834a014e-277a-467c-a695-eb39bf43fb3f
PPServer: PPV: 30 H: BL02PF7C40E6D80 V: 0
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
X-XSS-Protection: 1; mode=block
Date: Wed, 29 Dec 2021 11:25:51 GMT
Content-Length: 1114

GET
H2 200 2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ 2 KB
825 B 7ms
7ms Image
image/svg+xml 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE5) /
Resource Hash: 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://biannualreport.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:51 GMT
content-encoding: gzip
content-md5: DhdidjYrlCeaRJJRG/y9mA==
age: 14716788
x-cache: HIT
content-length: 673
x-ms-lease-status: unlocked
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (frc/8FE5)
etag: 0x8D7B007297AE131
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 1528e04b-101e-0063-5ccd-76af16000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2

200

Primary Request ws1.php Show response
frontier9.net/login/
Redirect Chain

https://themoo.com.au/ssl.php?url=https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
https://frontier9.net/login/?client-request-id=c3VkYWlyaWtAbWFhZGVuLmNvbS5zYQ==
https://frontier9.net/login/ws1.php

33 KB
9 KB

267ms
267ms

Document
text/html

183.90.240.6
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to

Full URL: https://frontier9.net/login/ws1.php
Requested by: Host: biannualreport.web.app
URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.6 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2205.xserver.jp
Software: nginx /
Resource Hash: bc70eba09ffb27e6b7112c7cfd9078beaafdbba1de31459fb8ac3e70dd9bfc64

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa#auth01/m.web.app/user/settings/notification-4e0rr70db9ec/oauth2/_3TUE9aaDfFZ4KFtPT2LS

Response headers

server: nginx
date: Wed, 29 Dec 2021 11:25:53 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: br

Redirect headers

server: nginx
date: Wed, 29 Dec 2021 11:25:53 GMT
content-type: text/html; charset=UTF-8
location: ws1.php
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 108 KB
20 KB 8ms
7ms Stylesheet
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: 8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11

Request headers

Referer: https://frontier9.net/
Origin: https://frontier9.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:53 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 7499327
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 15 KB
5 KB 11ms
10ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pfetchsessionsprogress_3cdbaab1cf6d9b038234.js
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC1) /
Resource Hash: 0140da8c4170309baa728814f96185de2c71bb6a9101d51cb040ece949aa3128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:53 GMT
content-encoding: gzip
content-md5: iY5CLUIh9JBLJeGkywpVeQ==
age: 5366045
x-cache: HIT
content-length: 5420
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:55 GMT
server: ECAcc (frc/8FC1)
etag: 0x8D997E5DC79B53A
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: fc77aabe-d01e-0043-3cd9-cbd147000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_pidpdisambiguation_76e0875415977704da38.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 7 KB
2 KB 9ms
8ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_pidpdisambiguation_76e0875415977704da38.js
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F96) /
Resource Hash: e9b270d2a6af5d01dd798963a97d66ce020da7501b55c0239c0b5d7c1d5d2375

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:53 GMT
content-encoding: gzip
content-md5: 1A1WnDfolxSryQ87DZzNXQ==
age: 5367190
x-cache: HIT
content-length: 2359
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:55 GMT
server: ECAcc (frc/8F96)
etag: 0x8D997E5DC900061
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ec7e0d1c-c01e-000a-3fd6-cbf4c7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 convergedlogin_ppassword_6f5648a25cfbe86f348c.js Show response
aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/ 20 KB
6 KB 11ms
11ms Script
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/js/asyncchunk/convergedlogin_ppassword_6f5648a25cfbe86f348c.js
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8B) /
Resource Hash: 7cb7621f3eb49c78b89d119106cf42981a3075da154dc96af6ca24f8f68c6f53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:53 GMT
content-encoding: gzip
content-md5: JELxaubb1KDAtUnzSblILg==
age: 5389301
x-cache: HIT
content-length: 5736
x-ms-lease-status: unlocked
last-modified: Mon, 25 Oct 2021 18:32:56 GMT
server: ECAcc (frc/8F8B)
etag: 0x8D997E5DD3425FC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 82e0f209-401e-006b-7aa2-cb8839000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 logo.svg
frontier9.net/login/ 4 KB
2 KB 261ms
260ms Image
image/svg+xml 183.90.240.6
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://frontier9.net/login/logo.svg
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 183.90.240.6 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2205.xserver.jp
Software: nginx /
Resource Hash: 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/login/ws1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:53 GMT
content-encoding: br
last-modified: Wed, 29 Dec 2021 10:14:41 GMT
server: nginx
etag: W/"e43-5d44634c5a38c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Wed, 05 Jan 2022 11:25:53 GMT

GET
H2 200 arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
aadcdn.msftauth.net/shared/1.0/content/images/ 513 B
414 B 9ms
7ms Image
image/svg+xml 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aadcdn.msftauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash: 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:53 GMT
content-encoding: gzip
content-md5: TjUQkZ0p0Y7rbj6LJofS9Q==
age: 18513708
x-cache: HIT
content-length: 276
x-ms-lease-status: unlocked
last-modified: Thu, 16 Jan 2020 00:32:45 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D79A1B9B05915D
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: c711e8bd-e01e-0094-3b45-547244000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK Me.htm
login.live.com/ 0
0 102ms
100ms Other
text/html 40.126.31.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://login.live.com/Me.htm?v=3
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.126.31.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
19 KB 8ms
8ms Other
text/css 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_kfhrfyfy-sm2tmkm5ficcw2.css
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FCC) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:53 GMT
content-encoding: gzip
content-md5: 0O2H9juGYL0zkzcYWr0NIg==
age: 7499327
x-cache: HIT
content-length: 19877
x-ms-lease-status: unlocked
last-modified: Tue, 28 Sep 2021 21:42:58 GMT
server: ECAcc (frc/8FCC)
etag: 0x8D982C8F03AF4D4
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4cd84846-501e-0061-5f72-b8a27b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 200 ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ 0
12 KB 9ms
9ms Other
application/x-javascript 152.199.23.37
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://aadcdn.msftauth.net/ests/2.1/content/cdnbundles/ux.converged.login.strings-en-gb.min_-hjcgqxfzfu0cwzblacdqq2.js
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.23.37 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F6C) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 29 Dec 2021 11:25:53 GMT
content-encoding: gzip
content-md5: GYbSFdLE8Xb9pCzSg7cJ6A==
age: 5686336
x-cache: HIT
content-length: 12608
x-ms-lease-status: unlocked
last-modified: Tue, 19 Oct 2021 04:06:56 GMT
server: ECAcc (frc/8F6C)
etag: 0x8D992B5E417004E
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6044ad75-801e-004b-7fef-c8f668000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H/1.1 200
OK / Show response
www.maaden.com.sa/ Frame E1BC 49 KB
50 KB 404ms
123ms Document
text/html 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/

Requested by

Host: frontier9.net
URL: https://frontier9.net/login/ws1.php

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

5e765ad0170ac9af1992f3cd307ed594e27bf3c4c9dfcdec3ee55bb553af0607

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/

Response headers

Date: Wed, 29 Dec 2021 11:25:54 GMT
Server: Apache
x-xss-protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: Content-Security-Policy: default-src https:
Referrer-Policy: strict-origin
X-Frame-Options: allow-from https://onedrive.live.com/
X-Content-Type-Options: nosniff
Cache-Control: no-cache, max-age=604800, public
Pragma: no-cache
Expires: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

200

ws1.php
frontier9.net/login/
Redirect Chain

https://frontier9.net/login/);
https://frontier9.net/login/
https://frontier9.net/login/ws1.php

33 KB
33 KB

262ms
262ms

Image
text/html

183.90.240.6
XSERVER Xserver Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://frontier9.net/login/ws1.php
Requested by: Host: frontier9.net
URL: https://frontier9.net/login/ws1.php
Protocol: H2
Server: 183.90.240.6 , Japan, ASN131965 (XSERVER Xserver Inc., JP),
Reverse DNS: sv2205.xserver.jp
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://frontier9.net/login/ws1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Dec 2021 11:25:54 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

location: ws1.php
pragma: no-cache
date: Wed, 29 Dec 2021 11:25:54 GMT
cache-control: no-store, no-cache, must-revalidate
server: nginx
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bootstrap.min.css
www.maaden.com.sa/assets/css/ Frame E1BC 141 KB
142 KB 247ms
93ms Stylesheet
text/css 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/css/bootstrap.min.css

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

6ff59621dfad4311fec3b0e70bdb2499889d27fae5a10efd724afad31ebed5ef

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 144877
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Sat, 25 May 2019 15:37:34 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: text/css
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H/1.1 200
OK font-awesome.css
www.maaden.com.sa/assets/css/ Frame E1BC 39 KB
39 KB 271ms
94ms Stylesheet
text/css 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/css/font-awesome.css

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 39751
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Mon, 20 May 2019 13:10:22 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: text/css
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 200
OK bootstrap-dropdownhover.min.css
www.maaden.com.sa/assets/css/ Frame E1BC 1 KB
2 KB 274ms
96ms Stylesheet
text/css 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/css/bootstrap-dropdownhover.min.css

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

f74deb516d3aca0aad48b0127ae3d711341d0e16c9ee90ea7b5ef895927f0045

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 1230
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Fri, 24 May 2019 19:24:40 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: text/css
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 200
OK fonts.css
www.maaden.com.sa/assets/ Frame E1BC 4 KB
5 KB 275ms
92ms Stylesheet
text/css 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/fonts.css

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

f2dda70514ce03ef800977822fd71303afb4c580503a926378d18af396d56f21

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 4330
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Thu, 19 Mar 2020 12:16:42 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: text/css
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 200
OK style.css
www.maaden.com.sa/assets/ Frame E1BC 25 KB
26 KB 277ms
91ms Stylesheet
text/css 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/style.css

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

e79c6540723d72d53b8588e6f317cf18a81fb7ccd52dea2f6a34385659ab0f08

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 25652
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Tue, 21 Apr 2020 09:18:14 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: text/css
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 200
OK media.css
www.maaden.com.sa/assets/ Frame E1BC 14 KB
15 KB 281ms
94ms Stylesheet
text/css 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/media.css

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

96edb024e8ef83e0749a33a00dbb548dd544c51035493f02f95d6e8b8fd4ebaf

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 14388
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Thu, 06 Feb 2020 06:50:06 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: text/css
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: 0

GET
H/1.1 200
OK Chart.min.js Show response
www.maaden.com.sa/assets/js/ Frame E1BC 153 KB
154 KB 369ms
95ms Script
application/javascript 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/js/Chart.min.js

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

52ff41341b9cbc23e2a4a436352f706292668bc0d33847d303f9c7d9aa0900bc

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 156721
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Mon, 27 May 2019 16:31:50 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: application/javascript
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H/1.1 200
OK headerLogo.png
www.maaden.com.sa/assets/images/ Frame E1BC 8 KB
8 KB 94ms
93ms Image
image/png 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maaden.com.sa/assets/images/headerLogo.png

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

185299c7bbad12f5889b5e7f1c094ee48d193ea90c0d76cc1149ac422a641db2

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 7856
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Thu, 05 Aug 2021 12:41:23 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: image/png
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H/1.1 200
OK financialImg.jpg
www.maaden.com.sa/assets/images/ Frame E1BC 21 KB
22 KB 94ms
94ms Image
image/jpeg 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maaden.com.sa/assets/images/financialImg.jpg

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

343f5807a9176425f4352530c658e5f1637a44357cdee98ac2849b8dc3fb27f0

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 21861
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Wed, 19 Jun 2019 07:20:58 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: image/jpeg
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: 0

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame E1BC 96 KB
29 KB 31ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 11:25:54 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1056
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 29126
x-tw-cdn: VZ
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (frb/6727)
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H/1.1 200
OK footerLogo.png
www.maaden.com.sa/assets/images/ Frame E1BC 3 KB
4 KB 94ms
94ms Image
image/png 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maaden.com.sa/assets/images/footerLogo.png

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

44ccd6cc65a97a118c7463379a667cbc7233f06a1b275cbe072a9f93f479d935

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 3277
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Wed, 19 Jun 2019 07:20:56 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:54 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: image/png
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ Frame E1BC 94 KB
33 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 19:42:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33434
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Dec 2022 19:42:58 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.maaden.com.sa/assets/js/ Frame E1BC 48 KB
48 KB 93ms
93ms Script
application/javascript 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/js/bootstrap.min.js

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 48944
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Fri, 19 Jan 2018 00:33:36 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: application/javascript
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: 0

GET
H/1.1 200
OK bootstrap-dropdownhover.js Show response
www.maaden.com.sa/assets/js/ Frame E1BC 9 KB
10 KB 94ms
94ms Script
application/javascript 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/js/bootstrap-dropdownhover.js

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

19b445a350f479e5c8ae8be1db12af936a2371c9e878f3737fd15578d33c2102

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 9353
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Fri, 24 May 2019 19:25:08 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: application/javascript
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H/1.1 200
OK custom-js.js Show response
www.maaden.com.sa/assets/js/ Frame E1BC 438 B
1 KB 92ms
91ms Script
application/javascript 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/js/custom-js.js

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

df8cf0922b5beb9f2a2033837a5a0253e9e8a70b629aea2bf843137c49731bda

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 438
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Wed, 17 Jul 2019 11:14:50 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: application/javascript
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H2 200 / Show response
tools.eurolandir.com/tools/ticker/html/ Frame 0F30 9 KB
3 KB 183ms
46ms Document
text/html 2001:ad0:1000:1004::149
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:ad0:1000:1004::149 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),

Reverse DNS

Software

Resource Hash

3817f984cf770e60c935d0c2ad7d5934684c242f8aa7b2d5907667cf4322bb57

Security Headers

Name	Value
Public-Key-Pins	max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/

Response headers

cache-control: public, max-age=823
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Wed, 29 Dec 2021 11:39:38 GMT
last-modified: Wed, 29 Dec 2021 10:39:38 GMT
vary: *
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15552000
public-key-pins: max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
date: Wed, 29 Dec 2021 11:25:54 GMT
content-length: 2765

GET
H/1.1 200
OK gold-home-en-03.jpg
www.maaden.com.sa/assets/images/ Frame E1BC 254 KB
255 KB 93ms
93ms Image
image/jpeg 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maaden.com.sa/assets/images/gold-home-en-03.jpg

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

33b5c679b3572f3943c69a4c8cf73ff42be671e080f20c8501c2f67e1d2e95f9

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 260305
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Mon, 25 Nov 2019 09:49:32 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: image/jpeg
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: 0

GET
DATA 200
OK truncated
/ Frame E1BC 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
DATA 200
OK truncated
/ Frame E1BC 137 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H/1.1 200
OK service1.jpg
www.maaden.com.sa/assets/images/ Frame E1BC 20 KB
21 KB 92ms
92ms Image
image/jpeg 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maaden.com.sa/assets/images/service1.jpg

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/assets/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

8b017eeb763047d888a766f14dcafcb59e1d8f3903ae2272887f6f08c8ee615b

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 20429
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Mon, 01 Jul 2019 10:02:17 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: image/jpeg
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: 0

GET
H/1.1 200
OK service2.jpg
www.maaden.com.sa/assets/images/ Frame E1BC 27 KB
28 KB 250ms
93ms Image
image/jpeg 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maaden.com.sa/assets/images/service2.jpg

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/assets/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

88c0e0bb82ed1d7d6480e195bf6c93663d30edbaee3f70a44e7f9910b0c8655e

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 27905
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Mon, 01 Jul 2019 10:02:23 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: image/jpeg
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: 0

GET
H/1.1 200
OK service3.jpg
www.maaden.com.sa/assets/images/ Frame E1BC 22 KB
23 KB 250ms
90ms Image
image/jpeg 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maaden.com.sa/assets/images/service3.jpg

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/assets/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

96498dca8406f443190be478eb86c29b3d0bfe9d457f4527381e6d7eca908cc6

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 22587
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Mon, 01 Jul 2019 10:02:27 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: image/jpeg
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: 0

GET
H/1.1 200
OK career.jpg
www.maaden.com.sa/assets/images/ Frame E1BC 90 KB
91 KB 94ms
94ms Image
image/jpeg 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.maaden.com.sa/assets/images/career.jpg

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/assets/style.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

5092e13d7c208739967037886286b176bb8b905ad535597c8956a08338f4fc1e

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 92251
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Wed, 19 Jun 2019 07:21:01 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: image/jpeg
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: 0

GET
H/1.1 200
OK Gotham-Light.otf
www.maaden.com.sa/assets/fonts/ Frame E1BC 123 KB
123 KB 128ms
94ms Font
font/otf 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/fonts/Gotham-Light.otf

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/assets/fonts.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

eb5f2c3557023f9aebd1315f78deceb2f5852d3680124fe1e96effc075df3170

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.maaden.com.sa/
Origin: https://www.maaden.com.sa
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 125704
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Mon, 30 Sep 2019 10:29:02 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: font/otf
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: 0

GET
H/1.1 200
OK Gotham-Bold.otf
www.maaden.com.sa/assets/fonts/ Frame E1BC 124 KB
125 KB 169ms
92ms Font
font/otf 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/fonts/Gotham-Bold.otf

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/assets/fonts.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

88b3795f97ee469c9e30430b54d35c11cdf28c96e3e71d0122e37e6bf025c0b8

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.maaden.com.sa/
Origin: https://www.maaden.com.sa
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 127472
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Mon, 30 Sep 2019 10:29:00 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: font/otf
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: 0

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.maaden.com.sa/assets/fonts/ Frame E1BC 75 KB
76 KB 173ms
94ms Font
font/woff2 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/assets/css/font-awesome.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.maaden.com.sa/
Origin: https://www.maaden.com.sa
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 77160
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Thu, 22 Dec 2016 15:50:34 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: font/woff2
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: 0

GET
H/1.1 200
OK MaadenArabicFontMedium.woff2
www.maaden.com.sa//assets/fonts/ Frame E1BC 17 KB
18 KB 178ms
95ms Font
font/woff2 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa//assets/fonts/MaadenArabicFontMedium.woff2

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/assets/fonts.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

2be8da887b8864b4c477beaa292da4d74bb2230448b2764837a6c03171a06d57

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.maaden.com.sa/
Origin: https://www.maaden.com.sa
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 17868
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Thu, 19 Mar 2020 10:48:58 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: font/woff2
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: 0

GET
H/1.1 200
OK Gotham-Medium.otf
www.maaden.com.sa/assets/fonts/ Frame E1BC 126 KB
126 KB 263ms
91ms Font
font/otf 95.177.161.119
ITCC-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://www.maaden.com.sa/assets/fonts/Gotham-Medium.otf

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/assets/fonts.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

95.177.161.119 Riyadh, Saudi Arabia, ASN201771 (ITCC-CLOUD, SA),

Reverse DNS

www.maaden.com.sa

Software

Apache /

Resource Hash

e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Security Headers

Name	Value
Content-Security-Policy	Content-Security-Policy: default-src https:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://onedrive.live.com/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.maaden.com.sa/
Origin: https://www.maaden.com.sa
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Connection: Keep-Alive
Content-Length: 128768
x-xss-protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin
Last-Modified: Mon, 30 Sep 2019 10:29:04 GMT
Server: Apache
Date: Wed, 29 Dec 2021 11:25:55 GMT
X-Frame-Options: allow-from https://onedrive.live.com/
Content-Type: font/otf
Cache-Control: no-cache, max-age=604800, public
Content-Security-Policy: Content-Security-Policy: default-src https:
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: 0

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 3A87 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.maaden.com.sa
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1695571
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Dec 2021 11:25:55 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6724)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3A87 232 B
448 B 139ms
124ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=662e0f511d8c69fc5bbbb5d8ab6bf1b0213cd30d

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.maaden.com.sa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 117
date: Wed, 29 Dec 2021 11:25:54 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 11:25:55 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 6529012a2f403461ea923aec7b4fa496781390d4135d955422318679b65532d4
content-length: 166

GET
H2 200 EurolandToolAutoSizeObject.js Show response
tools.eurolandir.com/tools/common/EurolandIFrameAutoHeight/ Frame 0F30 3 KB
2 KB 41ms
40ms Script
application/javascript 2001:ad0:1000:1004::149
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eurolandir.com/tools/common/EurolandIFrameAutoHeight/EurolandToolAutoSizeObject.js

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:ad0:1000:1004::149 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),

Reverse DNS

Software

Resource Hash

313d654df7b404dab5fece0ef3c3b099026154341fb652c2fd10163197d058ca

Security Headers

Name	Value
Public-Key-Pins	max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
last-modified: Mon, 04 Mar 2019 18:13:08 GMT
etag: "c3a83ebb5d2d41:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Wed, 29 Dec 2021 11:25:54 GMT
accept-ranges: bytes
content-length: 1479
x-xss-protection: 1; mode=block
public-key-pins: max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"

GET
H2 200 static.js Show response
tools.eurolandir.com/tools/ticker/bundles/ Frame 0F30 318 KB
145 KB 49ms
48ms Script
text/javascript 2001:ad0:1000:1004::149
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eurolandir.com/tools/ticker/bundles/static.js?v=AohY-4ojSuWtHMp2cKt5bi2dDeg8adi-nhBmITC4brY1

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:ad0:1000:1004::149 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),

Reverse DNS

Software

Resource Hash

59da4e1eaa393ebc3b6c00ca55c9f3ac27cdfdd1232d320be916f3b4371d650c

Security Headers

Name	Value
Public-Key-Pins	max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 11:25:55 GMT
date: Wed, 29 Dec 2021 11:25:54 GMT
vary: User-Agent,Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public
content-length: 148226
x-xss-protection: 1; mode=block
public-key-pins: max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
expires: Thu, 29 Dec 2022 11:25:55 GMT

GET
H2 200 google-analytics.js Show response
tools.eurolandir.com/tools/common/ Frame 0F30 909 B
1 KB 36ms
35ms Script
application/javascript 2001:ad0:1000:1004::149
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eurolandir.com/tools/common/google-analytics.js

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:ad0:1000:1004::149 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),

Reverse DNS

Software

Resource Hash

2d1da5bd4581daf6f40c60f79be15566ee2ddab9790219fa06b842200cdade3f

Security Headers

Name	Value
Public-Key-Pins	max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 07:54:02 GMT
etag: "5584186db0e0d51:0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Wed, 29 Dec 2021 11:25:54 GMT
accept-ranges: bytes
content-length: 631
x-xss-protection: 1; mode=block
public-key-pins: max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"

GET
H/1.1 200
OK moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js Show response
platform.twitter.com/js/ Frame E1BC 25 KB
8 KB 8ms
7ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.c7de492113f2eac2bb49ff9013aa2889.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C2) /
Resource Hash: de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 11:25:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:34:11 GMT
Server: ECS (frb/67C2)
Age: 738114
Etag: "643f975645cfdfec2ae02aad7fbc9eea+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 8013

GET
H/1.1 200
OK timeline.55167c7072ca7f4363bf18820295ba93.js Show response
platform.twitter.com/js/ Frame E1BC 20 KB
7 KB 15ms
6ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.55167c7072ca7f4363bf18820295ba93.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 11:25:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:34:11 GMT
Server: ECS (frb/6727)
Age: 1695567
Etag: "9539ec9d4bc5c1e5b1953004a6456c51+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 6441

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ Frame E1BC 139 KB
10 KB 268ms
246ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_MaadenKSA_old&dnt=false&domain=www.maaden.com.sa&lang=en&screen_name=MaadenKSA&suppress_response_codes=true&t=1823085&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

tsa_f /

Resource Hash

166ee9aa1b033f622a370b6b3ff26391fe6642c08774149cf4d7cf05712f2003

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
access-control-allow-methods: GET
content-length: 10174
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 224
last-modified: Wed, 29 Dec 2021 11:25:55 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 472f0e21069cbb92f093373d780e68169f70b52c46f96ef59887514bee8431d1
timing-allow-origin: *
x-transaction: 1d2e86abe57f333f
expires: Wed, 29 Dec 2021 11:30:55 GMT

GET
H2 200 style_chart.css
tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/sa-maaden/ Frame 0F30 3 KB
1 KB 38ms
38ms Stylesheet
text/css 2001:ad0:1000:1004::149
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/sa-maaden/style_chart.css

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:ad0:1000:1004::149 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),

Reverse DNS

Software

Resource Hash

c127cabd70eefc02c097fcaf3f150206021162b8f34ca58f805390e7a38862c9

Security Headers

Name	Value
Public-Key-Pins	max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 05:47:03 GMT
etag: "fa8715736918d61:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Wed, 29 Dec 2021 11:25:54 GMT
accept-ranges: bytes
content-length: 991
x-xss-protection: 1; mode=block
public-key-pins: max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"

GET
H2 200 style_chart.css Show response
tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/sa-maaden/ Frame 0F30 3 KB
1 KB 40ms
39ms XHR
text/css 2001:ad0:1000:1004::149
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/sa-maaden/style_chart.css

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/bundles/static.js?v=AohY-4ojSuWtHMp2cKt5bi2dDeg8adi-nhBmITC4brY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:ad0:1000:1004::149 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),

Reverse DNS

Software

Resource Hash

c127cabd70eefc02c097fcaf3f150206021162b8f34ca58f805390e7a38862c9

Security Headers

Name	Value
Public-Key-Pins	max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
last-modified: Wed, 22 Apr 2020 05:47:03 GMT
etag: "fa8715736918d61:0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Wed, 29 Dec 2021 11:25:54 GMT
accept-ranges: bytes
content-length: 991
x-xss-protection: 1; mode=block
public-key-pins: max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 0F30 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/common/google-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1489
date: Wed, 29 Dec 2021 11:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 29 Dec 2021 13:01:06 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 0F30 35 B
194 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1707448695&t=pageview&_s=1&dl=https%3A%2F%2Ftools.eurolandir.com%2Ftools%2Fticker%2Fhtml%2F%3Fcompanycode%3Dsa-maaden%26v%3Dchart%26lang%3Den-gb&dr=https%3A%2F%2Fwww.maaden.com.sa%2F&ul=en-us&de=UTF-8&dt=Scrolling%20Ticker&sd=24-bit&sr=1600x1200&vp=380x560&je=0&_u=YGAAAAAB~&cid=380938725.1640777155&tid=UA-8527078-1&_gid=1217938283.1640777155&z=570298999

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 22:17:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47301
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0F30 8 KB
1 KB 338ms
17ms Stylesheet
text/css 2a00:1450:4001:808::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/Solutions/ScrollingTicker/sa-maaden/style_chart.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

fd3f93f729909fd4b39390fbd69f6505503d7f9a0fab820907bd88c22f0853ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 11:01:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 29 Dec 2021 11:25:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Dec 2021 11:25:55 GMT

GET
H2 200 1f538.png
abs.twimg.com/emoji/v2/72x72/ Frame C4AC 268 B
655 B 136ms
10ms Image
image/png 2606:2800:233:8173:898f:63b3:95c3:79d2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://abs.twimg.com/emoji/v2/72x72/1f538.png

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:233:8173:898f:63b3:95c3:79d2 -, , ASN (),

Reverse DNS

Software

ECAcc (frc/8E93) /

Resource Hash

b6efffc79252b9bd83ad74dc95d36e33e8527c291ddd1243f984d2f5a6b3cf4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 11984432
x-ton-expected-size: 268
x-cache: HIT
content-length: 268
x-response-time: 15
surrogate-key: twitter-assets
last-modified: Mon, 13 Jul 2020 16:49:21 GMT
server: ECAcc (frc/8E93)
etag: "fXmtbZ4k1XlYLa/AS+ozdg=="
strict-transport-security: max-age=631138519
content-type: image/png
access-control-allow-origin: *
x-connection-hash: bd8a7973a2a6d0a317cbc16888638a22c89446feb2663e2ba4d633ec85e411e2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
expires: Thu, 29 Dec 2022 11:25:55 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame C4AC 53 KB
12 KB 7ms
7ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 11:25:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:34:09 GMT
Server: ECS (frb/6796)
Age: 1695570
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame E1BC 53 KB
53 KB 8ms
7ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.maaden.com.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 29 Dec 2021 11:25:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:34:09 GMT
Server: ECS (frb/6796)
Age: 1695570
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Content-Length: 12144

GET
H2 200 Qk8DKYZq_normal.jpg
pbs.twimg.com/profile_images/1442795640879202305/ Frame C4AC 2 KB
2 KB 8ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1442795640879202305/Qk8DKYZq_normal.jpg

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/6712) /

Resource Hash

cee11c2444346fa1e964a55dee470661f331d5016442101ed8c260d1d962f960

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 90056
x-cache: HIT
content-length: 1883
x-response-time: 109
surrogate-key: profile_images profile_images/bucket/4 profile_images/1442795640879202305
last-modified: Tue, 28 Sep 2021 10:15:41 GMT
server: ECS (frb/6712)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 3e8124fc05bc6052e0b315e8219afdfe6b365fd097d7331203c961f2412a3906
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 o8_8lzdd_normal.jpg
pbs.twimg.com/profile_images/1230587285076398080/ Frame C4AC 2 KB
2 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1230587285076398080/o8_8lzdd_normal.jpg

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/6723) /

Resource Hash

6b28292ef3186abdc619b15424c2e657b83e0887f2fb8194930ab71adaf1e47a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 507803
x-cache: HIT
content-length: 2263
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/6 profile_images/1230587285076398080
last-modified: Thu, 20 Feb 2020 20:15:26 GMT
server: ECS (frb/6723)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: a9a10c90b7fb96777735b4bd9930bf551943c668705a3713e59ed48c26a3301a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHmAVPKWUAAwsn-
pbs.twimg.com/media/ Frame C4AC 10 KB
10 KB 8ms
7ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHmAVPKWUAAwsn-?format=png&name=360x360

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/6776) /

Resource Hash

2b6c6cf25770f0eac4e2e79d825df120c0b1a1454591375b7be6ed4a6d1861af

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 188783
x-cache: HIT
content-length: 9838
x-response-time: 150
surrogate-key: media media/bucket/1 media/1475351455276093440
last-modified: Mon, 27 Dec 2021 06:20:52 GMT
server: ECS (frb/6776)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: bb5bc998c42b1dd3b1c86d381336cc7d679cd3a5738ff08079ae174b7d813683
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FGo1znqXIAM6nMS
pbs.twimg.com/media/ Frame C4AC 11 KB
11 KB 9ms
8ms Image
image/png 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FGo1znqXIAM6nMS?format=png&name=360x360

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

a92afd0e0f4cbc31419048c68703864c887e15a4d6492e32825d40ff81efa7dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 7162
x-cache: HIT
content-length: 10926
x-response-time: 108
surrogate-key: media media/bucket/5 media/1471047389226147843
last-modified: Wed, 15 Dec 2021 09:18:02 GMT
server: ECS (frb/67A7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: e504d029a5f2134be842e8853936df55a972a1cefdd6a3cf74d3db038c0e0918
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FGLBTaNWYAE6I1y
pbs.twimg.com/media/ Frame C4AC 13 KB
13 KB 10ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FGLBTaNWYAE6I1y?format=jpg&name=360x360

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

4575ca7bde6308538b125b3a77db47cc535e02c05ea8461fa24cd3849e84d007

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 507414
x-cache: HIT
content-length: 13642
x-response-time: 113
surrogate-key: media media/bucket/1 media/1468948967673192449
last-modified: Thu, 09 Dec 2021 14:19:40 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b4e3428a9d12da9e0044584434f5582cf1e12d555bf0f8bc59f5a1912321c6ac
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FF8I7FyXEAoMnrB
pbs.twimg.com/media/ Frame C4AC 18 KB
18 KB 13ms
12ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FF8I7FyXEAoMnrB?format=jpg&name=360x360

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

d991c9ab56cd04ca8ff194b887b8c9253f07c09ee418814406ef18bd372adf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 151839
x-cache: HIT
content-length: 18386
x-response-time: 119
surrogate-key: media media/bucket/1 media/1467901814804779018
last-modified: Mon, 06 Dec 2021 16:58:39 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: d5a39494c427fde2ad3c629cfbd79e41011bec21f8687a446d4086b5faf112b2
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHw63rMWYAQEeFv
pbs.twimg.com/media/ Frame C4AC 5 KB
6 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHw63rMWYAQEeFv?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/668A) /

Resource Hash

951375666a98390acc9e5e7c9d95f85a6b357cf1a6e4f699595e603aabc90f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 7731
x-cache: HIT
content-length: 5526
x-response-time: 145
surrogate-key: media media/bucket/6 media/1476119506032418820
last-modified: Wed, 29 Dec 2021 09:12:49 GMT
server: ECS (frb/668A)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: fee939690a52d974165a9935088d6802c8ac16a454f3b142107434d9aa56025a
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHw63rOXoAI25z1
pbs.twimg.com/media/ Frame C4AC 7 KB
7 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHw63rOXoAI25z1?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/675D) /

Resource Hash

7efca6079ba6bc4e6870ff976170fb2e53b79470eb9267d7abd15d45e7cc04ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 7730
x-cache: HIT
content-length: 6865
x-response-time: 131
surrogate-key: media media/bucket/8 media/1476119506040889346
last-modified: Wed, 29 Dec 2021 09:12:49 GMT
server: ECS (frb/675D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 1e484e56c006b3c1e5df42ce81f11cd5b147ad20c122cb647d254cad95506f4b
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHw63rNWQAY_bZw
pbs.twimg.com/media/ Frame C4AC 8 KB
8 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHw63rNWQAY_bZw?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67F3) /

Resource Hash

f03597dc464d604cdd8a88ca0e5b27854ef12d635e1b12c8c85d5f6a7717b86a

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 7730
x-cache: HIT
content-length: 8446
x-response-time: 145
surrogate-key: media media/bucket/5 media/1476119506036604934
last-modified: Wed, 29 Dec 2021 09:12:49 GMT
server: ECS (frb/67F3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: b9e5e316100294e6f22f93b21ee19ae433f9bec17e22e305bb201ce40c1c3771
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHhC96CXsAILDzA
pbs.twimg.com/media/ Frame C4AC 17 KB
17 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHhC96CXsAILDzA?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

514752f460d615ce989d517b58d1b763f8473b4271b713bf4cc07db181a35014

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 273694
x-cache: HIT
content-length: 17596
x-response-time: 292
surrogate-key: media media/bucket/8 media/1475002509282488322
last-modified: Sun, 26 Dec 2021 07:14:17 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5a13b2a6687d20f56260e7f267e6942e52291f2dc5cf7a1dbaad2dc3d120bf67
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHhDDY-WYAYBuyQ
pbs.twimg.com/media/ Frame C4AC 10 KB
10 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHhDDY-WYAYBuyQ?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67D3) /

Resource Hash

d1388360528955d23fabcd20af589e16f549184e38a491503b1cf7681d20b91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 273694
x-cache: HIT
content-length: 9741
x-response-time: 172
surrogate-key: media media/bucket/1 media/1475002603486470150
last-modified: Sun, 26 Dec 2021 07:14:39 GMT
server: ECS (frb/67D3)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 719783cf73200d6254931e9cc34f19430d7141b4851918086e9cff85d33f2797
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHhlSofXsAEX4NT
pbs.twimg.com/media/ Frame C4AC 11 KB
11 KB 8ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHhlSofXsAEX4NT?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/668D) /

Resource Hash

e41b6e6a5ad9d796ba41ddb086cc39aa48b55f0a448672a05cac8d143ac5853e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 264321
x-cache: HIT
content-length: 11083
x-response-time: 154
surrogate-key: media media/bucket/7 media/1475040248744882177
last-modified: Sun, 26 Dec 2021 09:44:14 GMT
server: ECS (frb/668D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 4f782f45fbaf319054b26d34f275338b8737cb61495501002bce97be3bf63c00
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHhlSoeXIAUHICH
pbs.twimg.com/media/ Frame C4AC 8 KB
8 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHhlSoeXIAUHICH?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67DF) /

Resource Hash

22638b16e91b6e94efc88192e7b55ad6342157bc121004cfab2848f28632f8e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 264321
x-cache: HIT
content-length: 7750
x-response-time: 146
surrogate-key: media media/bucket/2 media/1475040248740651013
last-modified: Sun, 26 Dec 2021 09:44:14 GMT
server: ECS (frb/67DF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: f76b2f90083820b37763f9eedd2a7c62641b1e7e34c89b5954aa4820cc70d377
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHN69JzXoAASD5F
pbs.twimg.com/media/ Frame C4AC 9 KB
9 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHN69JzXoAASD5F?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/674D) /

Resource Hash

97b64b53dc09778c150f50a4ccebf9854727c77aabab37cb4ef7cd48cd49fef1

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 594218
x-cache: HIT
content-length: 9412
x-response-time: 156
surrogate-key: media media/bucket/1 media/1473656694102269952
last-modified: Wed, 22 Dec 2021 14:06:29 GMT
server: ECS (frb/674D)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 39a77403ab32e898e5466396479f337ec838bf8ed6feebf9895c727367174209
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHN69KcXwAAG6eE
pbs.twimg.com/media/ Frame C4AC 10 KB
10 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHN69KcXwAAG6eE?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/6796) /

Resource Hash

2791a8bbe49e079324e802aa1ce0ae564be460e8a802f1a4d8b2d4c0e6b080b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 594905
x-cache: HIT
content-length: 10012
x-response-time: 156
surrogate-key: media media/bucket/2 media/1473656694274244608
last-modified: Wed, 22 Dec 2021 14:06:29 GMT
server: ECS (frb/6796)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 93e7c111455f3dd44aff4ddf0b3fc64f4baa23bd6e9cdcf39041ef12c6e78293
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHN5aK7XIAI2Kzo
pbs.twimg.com/media/ Frame C4AC 9 KB
9 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHN5aK7XIAI2Kzo?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67BD) /

Resource Hash

ad8376b18f699cbfe2f2bee6df3eff7c042c96e7b554678aaee34d3c6598dda5

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 595106
x-cache: HIT
content-length: 9550
x-response-time: 151
surrogate-key: media media/bucket/2 media/1473654993597177858
last-modified: Wed, 22 Dec 2021 13:59:44 GMT
server: ECS (frb/67BD)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 93d1607e960efab090ee633f8cfc340da42d70aa29768891ce0f2bbcd67e1fdd
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FHN5aLBXsAIilHR
pbs.twimg.com/media/ Frame C4AC 9 KB
9 KB 7ms
6ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FHN5aLBXsAIilHR?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67C1) /

Resource Hash

2b37fc5e32fe8bbb4592215f156852b3753d602ed6106a525d97adf734573eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 595106
x-cache: HIT
content-length: 8729
x-response-time: 165
surrogate-key: media media/bucket/1 media/1473654993622380546
last-modified: Wed, 22 Dec 2021 13:59:44 GMT
server: ECS (frb/67C1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: ba14451fe75031551fafad3e9fcf420e8e99e14dc67df98288410b9ef650d860
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FGLA_tNUYAcXEQE
pbs.twimg.com/media/ Frame C4AC 9 KB
9 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FGLA_tNUYAcXEQE?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67D5) /

Resource Hash

d11b84cf997735ecfbce428eca1365174daaaa9936e493c1589a5baadf2e11e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 507414
x-cache: HIT
content-length: 9245
x-response-time: 109
surrogate-key: media media/bucket/7 media/1468948629175951367
last-modified: Thu, 09 Dec 2021 14:18:19 GMT
server: ECS (frb/67D5)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 94d1d0bc6ea94bec54935fbad484c58318194ddf98390120b07a2392a6509077
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FGLA_srXMAMzIgl
pbs.twimg.com/media/ Frame C4AC 10 KB
10 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FGLA_srXMAMzIgl?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/6731) /

Resource Hash

f8b006d9e9797ce6b5a7a9cee3d72b6b28251315463f0c438291d407f2d51dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 507414
x-cache: HIT
content-length: 10539
x-response-time: 108
surrogate-key: media media/bucket/5 media/1468948629033529347
last-modified: Thu, 09 Dec 2021 14:18:19 GMT
server: ECS (frb/6731)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: c76cded8473dc12a4986c205bb6822500b7dc5b780c66b698c72e09f21a1345c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FF_RoKlWUAQh9JT
pbs.twimg.com/media/ Frame C4AC 10 KB
10 KB 8ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FF_RoKlWUAQh9JT?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67A7) /

Resource Hash

155fc80933f48e5c996b2a24d3a56c8223333ba91982a0ae18c1827188fba8dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 99839
x-cache: HIT
content-length: 10368
x-response-time: 112
surrogate-key: media media/bucket/9 media/1468122491512049668
last-modified: Tue, 07 Dec 2021 07:35:33 GMT
server: ECS (frb/67A7)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 88048f5779a395d303f3add52984647c16645ba546042f43e062db396ecb649c
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FF_RoKyWUAECmJe
pbs.twimg.com/media/ Frame C4AC 9 KB
10 KB 9ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FF_RoKyWUAECmJe?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/67E2) /

Resource Hash

ed3c14939dc95dab473ea8bbc68affe0b6409f57f4d8697ec7003358c1ce9c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 99839
x-cache: HIT
content-length: 9525
x-response-time: 118
surrogate-key: media media/bucket/8 media/1468122491566575617
last-modified: Tue, 07 Dec 2021 07:35:33 GMT
server: ECS (frb/67E2)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 89b7cc083eb25ebee09b14bf4ac4dcbcbaa14f515aaa9fbc3efd2a58723c5f9d
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FF_RoK3WQAM5gYL
pbs.twimg.com/media/ Frame C4AC 11 KB
12 KB 8ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FF_RoK3WQAM5gYL?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/6794) /

Resource Hash

cdc0eec2778afaae916be95ec20ec82eba9797cc197d253131a964d3de5ea3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 99839
x-cache: HIT
content-length: 11726
x-response-time: 115
surrogate-key: media media/bucket/1 media/1468122491587543043
last-modified: Tue, 07 Dec 2021 07:35:33 GMT
server: ECS (frb/6794)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 863504775cc07b2369dce30d843da593e610e9fdc95060e52fdfa5c97bbbf8f4
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 FF_RoKwWUAcX04M
pbs.twimg.com/media/ Frame C4AC 9 KB
9 KB 7ms
7ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/media/FF_RoKwWUAcX04M?format=jpg&name=240x240

Requested by

Host: www.maaden.com.sa
URL: https://www.maaden.com.sa/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 -, , ASN (),

Reverse DNS

Software

ECS (frb/6752) /

Resource Hash

9523de080ff6a521cd429c90c7a9dcb4e0e67eb94b306d5948de8f764856d2d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 11:25:55 GMT
x-content-type-options: nosniff
age: 99839
x-cache: HIT
content-length: 9407
x-response-time: 114
surrogate-key: media media/bucket/6 media/1468122491558187015
last-modified: Tue, 07 Dec 2021 07:35:33 GMT
server: ECS (frb/6752)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 05349611081686100bda6ece1d4e8c21d7dccda881ce363ce1ec6e3bf5563f00
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ Frame C4AC 512 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C4AC 825 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C4AC 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C4AC 572 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C4AC 644 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ Frame C4AC 739 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 / Show response
tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/ Frame 0F30 424 B
842 B 42ms
42ms XHR
text/html 2001:ad0:1000:1004::149
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/?sid=0.42832042421525185&instrumentID=89132&lang=en-GB&decimalMarket=.&thousandGroupMarker=%2C&timeZone=Arab%20Standard%20Time&defaultNumberFormat=%23%2C%23%230.00&companycode=sa-maaden&getCleanData=false&v=chart

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/bundles/static.js?v=AohY-4ojSuWtHMp2cKt5bi2dDeg8adi-nhBmITC4brY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:ad0:1000:1004::149 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),

Reverse DNS

Software

Resource Hash

6fd17637a182ebf720cca52870b6c2803bd6b5d34cd00c2457d1ef40eda77e5a

Security Headers

Name	Value
Public-Key-Pins	max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 11:25:36 GMT
date: Wed, 29 Dec 2021 11:25:54 GMT
vary: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=10
content-length: 334
x-xss-protection: 1; mode=block
public-key-pins: max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
expires: Wed, 29 Dec 2021 11:26:06 GMT

GET
H2 200 / Show response
tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/ Frame 0F30 310 B
772 B 41ms
41ms XHR
text/html 2001:ad0:1000:1004::149
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/?sid=0.07894679256573589&instrumentID=990203&lang=en-GB&decimalMarket=.&thousandGroupMarker=%2C&timeZone=Arab%20Standard%20Time&defaultNumberFormat=%23%2C%23%230.00&companycode=sa-maaden&getCleanData=false&v=chart

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/bundles/static.js?v=AohY-4ojSuWtHMp2cKt5bi2dDeg8adi-nhBmITC4brY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:ad0:1000:1004::149 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),

Reverse DNS

Software

Resource Hash

8407a01ce391d3706f10296b7153377d27aaa12afe7d4baed935d191ac02b806

Security Headers

Name	Value
Public-Key-Pins	max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 11:25:55 GMT
date: Wed, 29 Dec 2021 11:25:55 GMT
vary: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=30
content-length: 264
x-xss-protection: 1; mode=block
public-key-pins: max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
expires: Wed, 29 Dec 2021 11:26:25 GMT

GET
H2 200 / Show response
tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/ Frame 0F30 313 B
785 B 40ms
40ms XHR
text/html 2001:ad0:1000:1004::149
CITIC CITIC Telec...

General

Check archive.org

Show headers Download Go to

Full URL

https://tools.eurolandir.com/tools/ticker/Scrolling/GetInstrumentData/?sid=0.08411901262909671&instrumentID=990008&lang=en-GB&decimalMarket=.&thousandGroupMarker=%2C&timeZone=Arab%20Standard%20Time&defaultNumberFormat=%23%2C%23%230.00&companycode=sa-maaden&getCleanData=false&v=chart

Requested by

Host: tools.eurolandir.com
URL: https://tools.eurolandir.com/tools/ticker/bundles/static.js?v=AohY-4ojSuWtHMp2cKt5bi2dDeg8adi-nhBmITC4brY1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:ad0:1000:1004::149 , Netherlands, ASN3327 (CITIC CITIC Telecom CPC Netherlands B.V., NL),

Reverse DNS

Software

Resource Hash

47f1a25aad7646e608c06d89d7423f7021b878deeaa25102d72fffc50313b2b2

Security Headers

Name	Value
Public-Key-Pins	max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
Strict-Transport-Security	max-age=15552000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tools.eurolandir.com/tools/ticker/html/?companycode=sa-maaden&v=chart&lang=en-gb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 11:25:45 GMT
date: Wed, 29 Dec 2021 11:25:54 GMT
vary: *
content-type: text/html; charset=utf-8
cache-control: public, max-age=19
content-length: 277
x-xss-protection: 1; mode=block
public-key-pins: max-age=30; pin-sha256="/+IEr3O32RTitEm7vaWdIjdE1/ln2DYs4CyT5wBB2qc="; pin-sha256="J44drAHqhdb4p5IHsd1cT/Trk/vZjIy8y6ajSis5Hhc="; pin-sha256="Ok5YY3wU3OgqPbkRzNxbfAzOwI7Tp5Zn8kk8EA31tk0="; report-uri="http://tools.euroland.com/tools/pkp-report/default.aspx"
expires: Wed, 29 Dec 2021 11:26:15 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 0F30 44 KB
44 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:810::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://tools.eurolandir.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 00:14:34 GMT
x-content-type-options: nosniff
age: 40281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 00:14:34 GMT

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 0C6D
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
572 B

7ms
7ms

Document
text/html

2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.maaden.com.sa
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1695570
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 29 Dec 2021 11:25:56 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6752)
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Wed, 29 Dec 2021 11:25:56 GMT
pragma: no-cache
server: tsa_o
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Wed, 29 Dec 2021 11:25:56 GMT
x-transaction: f5136f3370081ec1
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 117
x-connection-hash: 6529012a2f403461ea923aec7b4fa496781390d4135d955422318679b65532d4

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer) Maaden (Extraction)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.samsung.com/	1970-02-13 20:17:40	Name: uuid230 Value: 97a78f19-62dd-4403-a98e-fc0be55fbd21
.samsung.com/	1969-12-31 23:59:59	Name: nlid Value: dbbbab32\|71b0ad58
frontier9.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: fd5779b14c97ab81988f7e584c818d8a
.login.live.com/	1969-12-31 23:59:59	Name: uaid Value: a53949cc7ff84ab29df90a4d29ee6fc6
.login.live.com/	1969-12-31 23:59:59	Name: MSPRequ Value: id=N&lt=1640777153&co=2

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://biannualreport.web.app/sudairikq0Hmaad9yWna7XB8xr7Pma7Xsa Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.maaden.com.sa/ Message: The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
other	error	URL: https://www.maaden.com.sa/ Message: Invalid 'X-Frame-Options' header encountered when loading 'https://www.maaden.com.sa/': 'allow-from https://onedrive.live.com/' is not a recognized directive. The header will be ignored.
security	error	URL: about:blank Message: The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://platform.twitter.com/widgets.js(Line 7) Message: The Content-Security-Policy directive name 'Content-Security-Policy:' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msftauth.net
abs.twimg.com
ajax.googleapis.com
biannualreport.web.app
cdn.syndication.twimg.com
fonts.googleapis.com
fonts.gstatic.com
frontier9.net
login.live.com
pbs.twimg.com
platform.twitter.com
syndication.twitter.com
t.m1.email.samsung.com
themoo.com.au
tools.eurolandir.com
www.google-analytics.com
www.maaden.com.sa
104.244.42.8
112.140.180.26
152.199.23.37
183.90.240.6
2001:ad0:1000:1004::149
2606:2800:134:1a0d:1429:742:782:b6
2606:2800:233:8173:898f:63b3:95c3:79d2
2606:2800:234:46c:e8b:1e2f:2bd:694
2620:0:890::100
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
3.248.73.173
40.126.31.1
95.177.161.119
0140da8c4170309baa728814f96185de2c71bb6a9101d51cb040ece949aa3128
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
155fc80933f48e5c996b2a24d3a56c8223333ba91982a0ae18c1827188fba8dc
166ee9aa1b033f622a370b6b3ff26391fe6642c08774149cf4d7cf05712f2003
185299c7bbad12f5889b5e7f1c094ee48d193ea90c0d76cc1149ac422a641db2
195e8e91bc727766f427243d4cfb79cdc873639991600bf99e9d2cab5cad77c8
19b445a350f479e5c8ae8be1db12af936a2371c9e878f3737fd15578d33c2102
22638b16e91b6e94efc88192e7b55ad6342157bc121004cfab2848f28632f8e0
235b558b77ab36f63c1439a68ac2410aaf8f42f7b9c93c0bfdc9af662abab8b6
2791a8bbe49e079324e802aa1ce0ae564be460e8a802f1a4d8b2d4c0e6b080b4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b37fc5e32fe8bbb4592215f156852b3753d602ed6106a525d97adf734573eee
2b3df4d53882fba74216d365e7344c782145f2faf8e08a2d69c548f5fbc7fbf5
2b6c6cf25770f0eac4e2e79d825df120c0b1a1454591375b7be6ed4a6d1861af
2be8da887b8864b4c477beaa292da4d74bb2230448b2764837a6c03171a06d57
2d1da5bd4581daf6f40c60f79be15566ee2ddab9790219fa06b842200cdade3f
313d654df7b404dab5fece0ef3c3b099026154341fb652c2fd10163197d058ca
33b5c679b3572f3943c69a4c8cf73ff42be671e080f20c8501c2f67e1d2e95f9
343f5807a9176425f4352530c658e5f1637a44357cdee98ac2849b8dc3fb27f0
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
3817f984cf770e60c935d0c2ad7d5934684c242f8aa7b2d5907667cf4322bb57
42ecd6904f43af4e6cef62ddbeffa7b2b0b6c8ec5080a3e1deec4576f4294859
44ccd6cc65a97a118c7463379a667cbc7233f06a1b275cbe072a9f93f479d935
45055babdbc02ea34c7baa53f33fc68389c4c5f73afe0bfafd6c9bc5733399bc
4575ca7bde6308538b125b3a77db47cc535e02c05ea8461fa24cd3849e84d007
47f1a25aad7646e608c06d89d7423f7021b878deeaa25102d72fffc50313b2b2
4a4852ed5fd5c51a616f8f3e010b0c0062fed16235d896ada293cb67cb683f81
4ed07f590bdfa9aa775dbfdef617d98e1e972d102d4289c7a68d3bd9118c280b
5092e13d7c208739967037886286b176bb8b905ad535597c8956a08338f4fc1e
514752f460d615ce989d517b58d1b763f8473b4271b713bf4cc07db181a35014
52ff41341b9cbc23e2a4a436352f706292668bc0d33847d303f9c7d9aa0900bc
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
59da4e1eaa393ebc3b6c00ca55c9f3ac27cdfdd1232d320be916f3b4371d650c
5e765ad0170ac9af1992f3cd307ed594e27bf3c4c9dfcdec3ee55bb553af0607
6081e5ab192226d10d4ccbb32070bd11f65a079467886afb905ee3b9440952e7
6b28292ef3186abdc619b15424c2e657b83e0887f2fb8194930ab71adaf1e47a
6fd17637a182ebf720cca52870b6c2803bd6b5d34cd00c2457d1ef40eda77e5a
6ff59621dfad4311fec3b0e70bdb2499889d27fae5a10efd724afad31ebed5ef
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
7cb7621f3eb49c78b89d119106cf42981a3075da154dc96af6ca24f8f68c6f53
7efca6079ba6bc4e6870ff976170fb2e53b79470eb9267d7abd15d45e7cc04ef
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8407a01ce391d3706f10296b7153377d27aaa12afe7d4baed935d191ac02b806
888bc5618973079f4a157c8c94b0afe382e7e957306429c5880e032c83fb8e0c
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88b3795f97ee469c9e30430b54d35c11cdf28c96e3e71d0122e37e6bf025c0b8
88c0e0bb82ed1d7d6480e195bf6c93663d30edbaee3f70a44e7f9910b0c8655e
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8b017eeb763047d888a766f14dcafcb59e1d8f3903ae2272887f6f08c8ee615b
8b6a3b17737161e5fe8c29e401372a94b8e650226cf0cd17b4c3c4de5b380b11
90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88
951375666a98390acc9e5e7c9d95f85a6b357cf1a6e4f699595e603aabc90f47
9523de080ff6a521cd429c90c7a9dcb4e0e67eb94b306d5948de8f764856d2d3
96498dca8406f443190be478eb86c29b3d0bfe9d457f4527381e6d7eca908cc6
96edb024e8ef83e0749a33a00dbb548dd544c51035493f02f95d6e8b8fd4ebaf
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
97b64b53dc09778c150f50a4ccebf9854727c77aabab37cb4ef7cd48cd49fef1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a423ac7e2310bc44a1defeb1f6df180cab8a59442e7f41d093f21649fcc86e69
a92afd0e0f4cbc31419048c68703864c887e15a4d6492e32825d40ff81efa7dc
ad8376b18f699cbfe2f2bee6df3eff7c042c96e7b554678aaee34d3c6598dda5
b307c4ae27381c0bc19983833f7bc324bb100468b4f22bdd7594b179c836aa4a
b3bc188ffa450c649d95d661372fddb6bbdf17e7d63578d499ab98b984da8381
b6efffc79252b9bd83ad74dc95d36e33e8527c291ddd1243f984d2f5a6b3cf4e
bc70eba09ffb27e6b7112c7cfd9078beaafdbba1de31459fb8ac3e70dd9bfc64
c127cabd70eefc02c097fcaf3f150206021162b8f34ca58f805390e7a38862c9
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
cdc0eec2778afaae916be95ec20ec82eba9797cc197d253131a964d3de5ea3db
ce768e83be373f5303ce3117cba6e60874a328c5fb740fb4dbc14989105e0a0d
cee11c2444346fa1e964a55dee470661f331d5016442101ed8c260d1d962f960
d11b84cf997735ecfbce428eca1365174daaaa9936e493c1589a5baadf2e11e4
d1388360528955d23fabcd20af589e16f549184e38a491503b1cf7681d20b91f
d991c9ab56cd04ca8ff194b887b8c9253f07c09ee418814406ef18bd372adf1d
de8383d06a56f08749ed99ad3d43911fe88072a79e9148e2d1dead390f64893f
ded16b9cb72df85ea242aaef8878c716abb57c746f0bfda6eabd2b9ddb2a23b5
df8cf0922b5beb9f2a2033837a5a0253e9e8a70b629aea2bf843137c49731bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41b6e6a5ad9d796ba41ddb086cc39aa48b55f0a448672a05cac8d143ac5853e
e79c6540723d72d53b8588e6f317cf18a81fb7ccd52dea2f6a34385659ab0f08
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
e9b270d2a6af5d01dd798963a97d66ce020da7501b55c0239c0b5d7c1d5d2375
eb5f2c3557023f9aebd1315f78deceb2f5852d3680124fe1e96effc075df3170
ed3c14939dc95dab473ea8bbc68affe0b6409f57f4d8697ec7003358c1ce9c56
eddfb285df91d818926b2f8ec64c71be82e0ea4f21ca9f63f5b0bc5dbcd75b0b
f03597dc464d604cdd8a88ca0e5b27854ef12d635e1b12c8c85d5f6a7717b86a
f2dda70514ce03ef800977822fd71303afb4c580503a926378d18af396d56f21
f74deb516d3aca0aad48b0127ae3d711341d0e16c9ee90ea7b5ef895927f0045
f8b006d9e9797ce6b5a7a9cee3d72b6b28251315463f0c438291d407f2d51dad
fd3f93f729909fd4b39390fbd69f6505503d7f9a0fab820907bd88c22f0853ca

frontier9.net Open in urlscan Pro 183.90.240.6 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

94 Requests

99 %HTTPS

56 %IPv6

13 Domains

17 Subdomains

15 IPs

7 Countries

2456 kBTransfer

3812 kBSize

5 Cookies

3 Outgoing links

Page URL History

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

frontier9.net Open in urlscan Pro
183.90.240.6 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

99 %
HTTPS

56 %
IPv6

13
Domains

17
Subdomains

15
IPs

7
Countries

2456 kB
Transfer

3812 kB
Size

5
Cookies

94 HTTP transactions
8 data transactions