donations.sa Open in urlscan Pro
207.127.96.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://donations.sa/project/877
Effective URL:
https://donations.sa/project/877
Submission: On September 20 via api (September 20th 2023, 10:39:23 pm UTC) from SA — Scanned from DE

Summary HTTP 124 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 20 domains to perform 124 HTTP transactions. The main IP is 207.127.96.77, located in Eastern Province, Saudi Arabia and belongs to ORACLE-BMC-31898, US. The main domain is donations.sa.
TLS certificate: Issued by R3 on August 20th 2023. Valid for: 3 months.

This is the only time donations.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 59	207.127.96.77 207.127.96.77	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	108.156.60.58 108.156.60.58	16509 (AMAZON-02) (AMAZON-02)
8	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	13.227.219.3 13.227.219.3	16509 (AMAZON-02) (AMAZON-02)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
2	54.192.87.248 54.192.87.248	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	18.66.112.79 18.66.112.79	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
6	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	134.70.100.3 134.70.100.3	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
124	24

59 207.127.96.77 (Eastern Province, Saudi Arabia) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

donations.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.donations.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-58.ams1.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-3.ams54.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.192.87.248 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-87-248.ams50.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

donation-support.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 134.70.100.3 (Eastern Province, Saudi Arabia)

ASN31898 (ORACLE-BMC-31898, US)

axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	donations.sa 1 redirects donations.sa api.donations.sa	1 MB
10	oraclecloud.com axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com	1 MB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3606 ekr.zdassets.com — Cisco Umbrella Rank: 4366	225 KB
6	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 955	1 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 96 region1.google-analytics.com — Cisco Umbrella Rank: 1878	42 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 111	401 KB
4	zendesk.com donation-support.zendesk.com	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 3974	686 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads.g.doubleclick.net — Cisco Umbrella Rank: 66	2 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2225 www.google.com — Cisco Umbrella Rank: 11	2 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 109	722 B
2	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1078	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 229	168 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1100	33 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1261 script.hotjar.com — Cisco Umbrella Rank: 1629	60 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 1065	726 B
1	t.co t.co — Cisco Umbrella Rank: 707	378 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 178	2 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 3977	258 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 113	1021 B
124	20

	Domain	Requested by
46	donations.sa	1 redirects donations.sa
13	api.donations.sa	donations.sa
10	axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com
8	static.zdassets.com	donations.sa static.zdassets.com
6	tr.snapchat.com	sc-static.net
5	www.googletagmanager.com	donations.sa www.googletagmanager.com www.google-analytics.com
4	donation-support.zendesk.com	static.zdassets.com
4	www.google.de
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.facebook.com	1 redirects
3	www.google.com	1 redirects
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	static.ads-twitter.com	donations.sa www.googletagmanager.com
2	connect.facebook.net	donations.sa connect.facebook.net
2	sc-static.net	donations.sa www.googletagmanager.com
1	googleads.g.doubleclick.net	1 redirects
1	analytics.twitter.com
1	t.co
1	www.googleadservices.com	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	vc.hotjar.io	script.hotjar.com
1	ekr.zdassets.com	static.zdassets.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	donations.sa
1	fonts.googleapis.com	donations.sa
124	26

This site contains links to these domains. Also see Links.

Domain
wa.link
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
donations.sa R3	`2023-08-20` - `2023-11-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
zdassets.com Cloudflare Inc ECC CA-3	`2022-11-10` - `2023-11-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-07` - `2023-09-28`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-04` - `2023-11-27`	3 months	crt.sh
donation-support.zendesk.com Cloudflare Inc ECC CA-3	`2022-10-21` - `2023-10-21`	a year	crt.sh
*.compat.objectstorage.me-jeddah-1.oraclecloud.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-31` - `2024-08-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://donations.sa/project/877
Frame ID: 9791EC1EEA97048C1AE5187B96A76869
Requests: 105 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Frame ID: C004AA605A22B687718FB061127AC8BE
Requests: 10 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=26ea1b98-9a08-47c1-a040-a7156b886142&u_scsid=877e3b58-625a-4bda-91c7-1e8298a1f68c&u_sclid=cad8a12b-0979-4d78-871b-eead961d1bfe
Frame ID: 94E394E6430B0DCF5B9362C661A1FC69
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

المنصة الوطنية للتبرعات | تبرع

Page URL History Show full URLs

http://donations.sa/project/877 HTTP 301
https://donations.sa/project/877 Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

124
Requests

98 %
HTTPS

42 %
IPv6

20
Domains

26
Subdomains

24
IPs

5
Countries

3406 kB
Transfer

6374 kB
Size

23
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.link/7syi15

Search URL Search Domain Scan URL

URL: https://twitter.com/DonationsSA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/DonationsSA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://donations.sa/project/877 HTTP 301
https://donations.sa/project/877 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/340932350/?random=672382582&cv=11&fst=1695249556710&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2Fproject%2F877&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=975538381.1695249557&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=lHQLZfeSMqWYlQfJ87SADA&sscte=1&crd=&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEt3F3AsADUE0xyBbcOJatLoaqihBGfz8LRQ&pscrd=EkxDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVVBQ3VPbWtjM2JnQ0loRm54eGxwUzczVDg3anVlSFRVdFk5NXBXLVlTYkVNRG5jQWxuGldDaEFJOExDcXFBWVF4S0xpNlB5dzFZa2hFaTBBNFVGZEE1ZDhMNUluR3RXLWZJeXd6YkRyN3lFdC1NanlKN21mSnZlYVBMM2llNTkyNjdRMW5SZzRYQk0iEwj3rI_doLqBAxUlTOUKHck5DcA HTTP 302
https://www.google.com/pagead/1p-conversion/340932350/?random=672382582&cv=11&fst=1695249556710&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2Fproject%2F877&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=975538381.1695249557&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVVBQ3VPbWtjM2JnQ0loRm54eGxwUzczVDg3anVlSFRVdFk5NXBXLVlTYkVNRG5jQWxuGldDaEFJOExDcXFBWVF4S0xpNlB5dzFZa2hFaTBBNFVGZEE1ZDhMNUluR3RXLWZJeXd6YkRyN3lFdC1NanlKN21mSnZlYVBMM2llNTkyNjdRMW5SZzRYQk0iEwj3rI_doLqBAxUlTOUKHck5DcA&is_vtc=1&ocp_id=lHQLZfeSMqWYlQfJ87SADA&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEtyM07ngs7Kd3UiDnEWsQIQ-IS0V4aA5TRQ&random=161104440 HTTP 302
https://www.google.de/pagead/1p-conversion/340932350/?random=672382582&cv=11&fst=1695249556710&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2Fproject%2F877&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=975538381.1695249557&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVVBQ3VPbWtjM2JnQ0loRm54eGxwUzczVDg3anVlSFRVdFk5NXBXLVlTYkVNRG5jQWxuGldDaEFJOExDcXFBWVF4S0xpNlB5dzFZa2hFaTBBNFVGZEE1ZDhMNUluR3RXLWZJeXd6YkRyN3lFdC1NanlKN21mSnZlYVBMM2llNTkyNjdRMW5SZzRYQk0iEwj3rI_doLqBAxUlTOUKHck5DcA&is_vtc=1&ocp_id=lHQLZfeSMqWYlQfJ87SADA&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEtyM07ngs7Kd3UiDnEWsQIQ-IS0V4aA5TRQ&random=161104440&ipr=y

Request Chain 121

https://www.facebook.com/tr/?id=984362182168626&ev=Microdata&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&rl=&if=false&ts=1695249558302&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.127&r=stable&ec=1&o=30&fbp=fb.1.1695249556796.1527424496&it=1695249556639&coo=false&es=automatic&tm=3&rqm=GET HTTP 302
https://www.facebook.com/tr/?cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&coo=false&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&ec=1&es=automatic&ev=Microdata&fbp=fb.1.1695249556796.1527424496&id=984362182168626&if=false&it=1695249556639&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=3&ts=1695249558302&v=2.9.127

124 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 877 Show response
donations.sa/project/
Redirect Chain

http://donations.sa/project/877
https://donations.sa/project/877

1 KB
934 B

332ms
106ms

Document
text/html

207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/project/877
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 045e45e82a5c14f5a72cba62a7f11e0a82ca77d438367a3bc98a698ca0b05759

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
etag: W/"64c391af-5ee"
last-modified: Fri, 28 Jul 2023 10:00:15 GMT

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Wed, 20 Sep 2023 22:39:14 GMT
Location: https://donations.sa/project/877
Server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1021 B 90ms
33ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@400;600&display=swap

Requested by

Host: donations.sa
URL: https://donations.sa/project/877

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d916586dfc524ef2bd907065a2f066dbe4994b52d2bff4533878f0095a2c593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 20 Sep 2023 22:39:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 21:34:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 20 Sep 2023 22:39:15 GMT

GET
H2 200 chunk-vendors.e40f9d3a.js Show response
donations.sa/js/ 73 KB
30 KB 209ms
208ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-vendors.e40f9d3a.js
Requested by: Host: donations.sa
URL: https://donations.sa/project/877
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 506bf502727bf7f6d04e2d89644915ca02e9be653639c9a8a99f650484e7c816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:15 GMT
content-type: application/javascript

GET
H2 200 app.9b7437fb.js Show response
donations.sa/js/ 17 KB
7 KB 102ms
101ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/app.9b7437fb.js
Requested by: Host: donations.sa
URL: https://donations.sa/project/877
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 061d8e496ea41b0008863b88049740079dbdad9bf3c31781f7a5fc624323007a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:15 GMT
content-type: application/javascript

GET
H2 200 config.json Show response
donations.sa/ 698 B
847 B 99ms
99ms Fetch
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/config.json?timestamp=1695249555492
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: fddb46ba7713e65fe80b841abc388d34ebcca8aa9de29659dd120ce70da32c50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Wednesday, 20-Sep-2023 22:39:15 GMT
accept-ranges: bytes
content-length: 698
content-type: application/json

GET
H2 200 chunk-09f2e8c4.73241717.css
donations.sa/css/ 201 KB
40 KB 100ms
100ms Stylesheet
text/css 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: c2c943793cbe241f60b49f7d29d002b6ed3cfe438a2a1a6d367cf5243526bb91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-3228f"
content-type: text/css

GET
H2 200 chunk-09f2e8c4.3f6b636e.js Show response
donations.sa/js/ 824 KB
281 KB 99ms
99ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-09f2e8c4.3f6b636e.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 8fe9228e8ed4c718c9c88bf5c7b035d0043f3ac9667962d90c1352eecaf145e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:15 GMT
content-type: application/javascript

GET
H2 200 hotjar-3277062.js Show response
static.hotjar.com/c/ 12 KB
5 KB 105ms
33ms Script
application/javascript 108.156.60.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3277062.js?sv=6

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-09f2e8c4.3f6b636e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-58.ams1.r.cloudfront.net

Software

Resource Hash

08b076171b517189af1f22c052d9314faf8d5992adac2f6e2112703672e29549

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 20 Sep 2023 22:38:54 GMT
via: 1.1 fbbc548a3de404eb87126afd4e3999ba.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 39
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/65080793dda7affad35afebc16fb3867
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: Xh1FOQdZRJxjw17XjWx6_pVM-28KclD3ah6ZbDphe7_oR_TeqXLpRQ==

GET
H2 200 chunk-2d0aa5b8.0cf832ef.js Show response
donations.sa/js/ 87 KB
36 KB 143ms
142ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-2d0aa5b8.0cf832ef.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: a272e8baf743246bfecfccf0e186b404a765cda6121df9113c5be651ffb628b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:16 GMT
content-type: application/javascript

GET
H2 200 chunk-5244cee4.6d0fac2c.css
donations.sa/css/ 952 B
519 B 141ms
139ms Stylesheet
text/css 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/css/chunk-5244cee4.6d0fac2c.css
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: f0dbab6a7c19e880e91990af9be1cb8eee4bb8ce97bd98a1237aeff3a5ee3be7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-3b8"
content-type: text/css

GET
H2 200 chunk-5244cee4.0ee37486.js Show response
donations.sa/js/ 64 KB
24 KB 143ms
142ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-5244cee4.0ee37486.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: dd6fcbce64c5f9ff581c3add894dcac7bde7f5605ea48cf152a98a4c232e388e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:16 GMT
content-type: application/javascript

GET
H2 200 chunk-8a26c580.9cdd75be.css
donations.sa/css/ 2 KB
752 B 141ms
140ms Stylesheet
text/css 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/css/chunk-8a26c580.9cdd75be.css
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 5973e900044b7ba7f027b9ff2d3657e3a36ffe467ca3b93a94a8dfffd9712de8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-6e1"
content-type: text/css

GET
H2 200 chunk-8a26c580.77fcea6c.js Show response
donations.sa/js/ 14 KB
5 KB 145ms
144ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-8a26c580.77fcea6c.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 72c4f6732695498372e04875b8b916ea64ce6478cfe8e47649ddecf78761dbc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:16 GMT
content-type: application/javascript

GET
H2 200 chunk-2d0e28e5.8453fa31.js Show response
donations.sa/js/ 45 KB
14 KB 146ms
145ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-2d0e28e5.8453fa31.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 15ad2d6413f612c23c6b87f93b92ed9124986e950b809b8bd54f7a345e3c84bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:16 GMT
content-type: application/javascript

GET
H2 200 chunk-0734fc97.1dea28f2.css
donations.sa/css/ 42 KB
9 KB 145ms
144ms Stylesheet
text/css 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/css/chunk-0734fc97.1dea28f2.css
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 2e0ad82330f539d6a7b21f48bad9d70af5ee1cdcf2abbabc3dc2ed9c2b9e7442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-a7a3"
content-type: text/css

GET
H2 200 chunk-0734fc97.58b37a40.js Show response
donations.sa/js/ 59 KB
18 KB 148ms
147ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-0734fc97.58b37a40.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: eeaa0b020ab959147cf2be3829f127b354c30c4fc02e4c055443660e202089fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:16 GMT
content-type: application/javascript

GET
H2 200 chunk-bca1e516.bf899ed9.css
donations.sa/css/ 3 KB
870 B 145ms
144ms Stylesheet
text/css 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/css/chunk-bca1e516.bf899ed9.css
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 8c9aa9a6f60be7eb2abf8bf2bdbf9f991709ef5b41a2a1ddc9c2a0e7c1e015b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-bbf"
content-type: text/css

GET
H2 200 chunk-bca1e516.1e8bf53f.js Show response
donations.sa/js/ 3 KB
2 KB 145ms
145ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-bca1e516.1e8bf53f.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 74081f7f1484afd31b61d46b9d8b1539f2213cd695aa1788a0770925f0422dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:16 GMT
content-type: application/javascript

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 131ms
72ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=faada610-2fed-4982-8e67-c819e3268784

Requested by

Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: TDMQPT020DRW1117
age: 51
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-amz-id-2: zMRnAvKOAJXxRvPq8+B1zeL5aayaTgRJkXk1UzH1Ado5lR6+z1lafaTP6MEs86XDeFT1Mq3O6PuGW79rziCiBA==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRrq3a98UpkIyr52t9T8IJmB2ZC6cDB%2BCcUg5C9932a2aYpOjZyy51%2FS2b2kSXvBLSqjvzjVA%2B5EUvCVOhgjsZxRUkWWRQ%2FMmg%2BOHkdwRxhw17wQmlo0U7A%2F9JUO28DqZFl3wtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 809d903e097f44f2-TXL

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 184 KB
68 KB 130ms
67ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-166822255-1

Requested by

Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27f25e25548db93895cb1297ce29e3eda3c9dd19b9cb489531c3c6e72c25c124

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68866
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 21:13:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Sep 2023 22:39:16 GMT

GET
H2 200 gtag.js Show response
donations.sa/ 547 B
510 B 223ms
222ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/gtag.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 7741efc17a8c3ca83bc702a8c2b351238cb2222fa29562ea501838410910df02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:16 GMT
content-type: application/javascript

GET
H2 200 pixel.js Show response
donations.sa/ 899 B
643 B 223ms
222ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/pixel.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 97d6fadc215c74f7c0742b9653d5c7743c09a71278f9614dc0d774a3b72f7bef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:16 GMT
content-type: application/javascript

GET
H2 200 twitter.js Show response
donations.sa/ 297 B
354 B 224ms
223ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/twitter.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.9b7437fb.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 5f88e83abd49a4b489750efbdf94cdac5a4d5f10eacd1142c755393eae43e3bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Wednesday, 20-Sep-2023 22:39:16 GMT
content-type: application/javascript

GET
H2 200 cities Show response
api.donations.sa/ 384 KB
385 KB 448ms
202ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/cities

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-09f2e8c4.3f6b636e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

50bfee41764a3c7187c7270fbe10d3a63dda404b7fa65aaeeb79adb6f90af078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3dc49870-23ea-423e-ba9b-d8e65e1a07c4
x-runtime: 0.187425
referrer-policy: strict-origin-when-cross-origin
etag: W/"50bfee41764a3c7187c7270fbe10d3a6"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: STALE

GET
H2 200 FrutigerLTArabic45Light.4da336bf.woff2
donations.sa/fonts/ 48 KB
48 KB 221ms
220ms Font
font/woff2 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/fonts/FrutigerLTArabic45Light.4da336bf.woff2
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 1dc0b98a2d9f8873cd8bba1376b763a6f15b0f90993e0b7e00d35eba9b08e5e1

Request headers

Referer: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-c030"
content-type: font/woff2

GET
H2 200 modules.4ed09ad592101c54e9e4.js Show response
script.hotjar.com/ 225 KB
55 KB 146ms
33ms Script
application/javascript 13.227.219.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4ed09ad592101c54e9e4.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3277062.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-3.ams54.r.cloudfront.net

Software

Resource Hash

3f1debe1ac6066919736837125f1f35a225efcd0f56c5cf0a9a9b86b537d656a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 17:13:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2b11d6e7cfac22d5fd2bf9a0df8c4d2a.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 19570
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56073
last-modified: Wed, 20 Sep 2023 17:12:39 GMT
etag: "6db2a0c2bdd2e53c733e03ac81d84bb1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 59Msp7HcV3hU5edCJf33UPOLKsqq6x5Vqa95LaWa4VM9M_nU1rV7tg==

GET
H2 200 faada610-2fed-4982-8e67-c819e3268784 Show response
ekr.zdassets.com/compose/ 1 KB
2 KB 328ms
231ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/faada610-2fed-4982-8e67-c819e3268784

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=faada610-2fed-4982-8e67-c819e3268784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3afba0278000027442ccc792f53e973de2e0c1bbfdeef3999e52bc9a6b261f03

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8066a8d1cd935a0d-SEA, 8066a8d1cd935a0d-SEA
x-runtime: 0.009554
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"3afba0278000027442ccc792f53e973d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDYae0NQytSa%2FNqihUTQDvhHGEBsezY1Jow2ApykJcJWOUSpmRlzJrJg3JUk7FCFnK6QkClkZpEhmGIWocszkdh6VfUtqwDXwUi5KfBHQdIpESxw4LUAjrD%2Fc6hLWNIsEjo%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 809d903f1dae453a-TXL

GET
H2 200 logo-default-mobile.82d45164.svg
donations.sa/img/ 4 KB
5 KB 99ms
97ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/logo-default-mobile.82d45164.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 27628ae091cf34bb40b82a3061c7c112add19712286286846333e46713dea6e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-11bb"
content-length: 4539
content-type: image/svg+xml

GET
H2 200 icon-whatsApp-green.f34ba70c.svg
donations.sa/img/ 1 KB
1 KB 100ms
97ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-whatsApp-green.f34ba70c.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 8838edf59d534383bbed1cbfe3b65e01300ffa70171a5219094724d8963409ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-577"
content-length: 1399
content-type: image/svg+xml

GET
H2 200 icon-email-green.5b569f75.svg
donations.sa/img/ 778 B
882 B 100ms
98ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-email-green.5b569f75.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 02a747960fe7c155e79dbfcc060e2f854c55cb44215e271aa420a226d7f7dad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-30a"
content-length: 778
content-type: image/svg+xml

GET
H2 200 icon-twitter-green.656371e1.svg
donations.sa/img/ 858 B
962 B 100ms
98ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-twitter-green.656371e1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 26130d7c7b1b95a71729073b8afc240c3dec31aaa67ff2d4e7eb065bfb9db3a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-35a"
content-length: 858
content-type: image/svg+xml

GET
H2 200 icon-instagram-green.535e4b69.svg
donations.sa/img/ 2 KB
2 KB 101ms
99ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-instagram-green.535e4b69.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 900280cf188bec620bda3b04a4c276e5a2ee8cefd50291bf94ccdf9ef5e8b14f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-7ac"
content-length: 1964
content-type: image/svg+xml

GET
H2 200 footer-logo.1d512a9f.svg
donations.sa/img/ 5 KB
5 KB 100ms
98ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/footer-logo.1d512a9f.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 043e371d4a512c450a215b9668a8b652e8149ff23eec2195decffb1ee134742e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-1461"
content-length: 5217
content-type: image/svg+xml

GET
H2 200 icon-whatsapp.6231a7b9.svg
donations.sa/img/ 2 KB
2 KB 101ms
99ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-whatsapp.6231a7b9.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 9311074c8ac69efb461ef9c3f6fadc79e9bba0695eb1b302831ec3f6c3f3693b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-95a"
content-length: 2394
content-type: image/svg+xml

GET
H2 200 icon-email.f89d90c5.svg
donations.sa/img/ 778 B
882 B 100ms
99ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-email.f89d90c5.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 30fa8a0749dc0bb92c4288b4943ef149f7d78cd2bf12e2f8d85dd8b8e9a9934a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-30a"
content-length: 778
content-type: image/svg+xml

GET
H2 200 icon-twitter.a1cc8de6.svg
donations.sa/img/ 880 B
984 B 101ms
100ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-twitter.a1cc8de6.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: e20b4113f490c79fe88206fd2556c651f8c5529bef438d566d3319c53a88eab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-370"
content-length: 880
content-type: image/svg+xml

GET
H2 200 icon-instagram.059bc311.svg
donations.sa/img/ 2 KB
2 KB 101ms
100ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-instagram.059bc311.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 6a58e48f4d19343df1d2a23fd1cac27a4b8b8c151b2f6919d00fdd90b4e411de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-75e"
content-length: 1886
content-type: image/svg+xml

GET
H2 200 icon-down.94278d0c.svg
donations.sa/img/ 467 B
571 B 97ms
96ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-down.94278d0c.svg
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 47f2a76ad3b65df0396aeda0f0598804e347e4d82fb686f840c0a7fa96d62d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/css/chunk-09f2e8c4.73241717.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-1d3"
content-length: 467
content-type: image/svg+xml

GET
H2 200 icon-language.2c28581d.svg
donations.sa/img/ 2 KB
2 KB 98ms
97ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-language.2c28581d.svg
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 099aecc6e6609eb595e1d4649edd152e2fd58109afda4a612ecd9eba978d4a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/css/chunk-09f2e8c4.73241717.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-735"
content-length: 1845
content-type: image/svg+xml

GET
H2 200 top-bg-all-pages.6852b951.svg
donations.sa/img/ 167 KB
168 KB 98ms
97ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/top-bg-all-pages.6852b951.svg
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 3ec0b8df59897ac5ea6a49beb181980c55eca17e05fac676ccec4877706ab36a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/css/chunk-09f2e8c4.73241717.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-29ddd"
content-length: 171485
content-type: image/svg+xml

GET
H2 200 icon-back-white.a353eb40.svg
donations.sa/img/ 313 B
417 B 98ms
98ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-back-white.a353eb40.svg
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-0734fc97.1dea28f2.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 3f3074ee77def4f5989b7916a4e069766c64b354aa48c622fdb08ab3a69b9a84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/css/chunk-0734fc97.1dea28f2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-139"
content-length: 313
content-type: image/svg+xml

GET
H2 200 FrutigerLTArabic55Roman.d083de2a.woff2
donations.sa/fonts/ 47 KB
47 KB 200ms
199ms Font
font/woff2 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/fonts/FrutigerLTArabic55Roman.d083de2a.woff2
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: f5cd7b64a89f67a152eb71279dbc465aa5c0204e67ff65d9cfa86c0f4ccac850

Request headers

Referer: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-ba48"
content-type: font/woff2

GET
H2 200 FrutigerLTArabic65Bold.ca4f07b5.woff2
donations.sa/fonts/ 45 KB
45 KB 98ms
98ms Font
font/woff2 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/fonts/FrutigerLTArabic65Bold.ca4f07b5.woff2
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: e8c80820aa6a0a3bffab4bd83ca5c883d7bdfde75e99bc715ff5fa2aed648377

Request headers

Referer: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-b47c"
content-type: font/woff2

GET
H2 200 frutigerltarabic75black.0e9973ce.woff2
donations.sa/fonts/ 44 KB
45 KB 184ms
184ms Font
font/woff2 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/fonts/frutigerltarabic75black.0e9973ce.woff2
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 0d90069b88706826498a27b1ca465f4079e6a7e686ced494c82b8999010a5e2e

Request headers

Referer: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-b18c"
content-type: font/woff2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDFST2V94E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166822255-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

968c6fcac3e0e3e68dc963603ab6c958bdd38f0de1dbb1d9b4aa5cd5a16a2762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Sep 2023 22:39:16 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 248 KB
85 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPBTDHC

Requested by

Host: donations.sa
URL: https://donations.sa/gtag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1885d31c4c4782e8356d4d8df25ed069bab1e520377498d26c91e1296ddb39d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87415
x-xss-protection: 0
last-modified: Wed, 20 Sep 2023 21:13:40 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 20 Sep 2023 22:39:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 79ms
25ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166822255-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Sep 2023 21:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3295
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Sep 2023 23:44:21 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 38 KB
17 KB 171ms
70ms Script
application/javascript 54.192.87.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: donations.sa
URL: https://donations.sa/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.87.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-87-248.ams50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 28be27d04ce0ebac3fcd2862aa85bd45139b448cfa41647480b6a9f0180289e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
content-encoding: gzip
via: 1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16452
x-amz-cf-id: IIxXGc6l5LEOzpB4_f1dSGHo-0fAJZuQT05riD6CGeVBflk5PsD8tg==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 87ms
26ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: donations.sa
URL: https://donations.sa/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Sep 2023 22:39:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: ZYNRjz4ecqxjzwLLheeOFnR+SFwNrJPMfeQfF16vm3WZdFRRWHQnsPXXz0pZEUa89hNJNX63hX5CTglyHxhnJw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 92ms
29ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: donations.sa
URL: https://donations.sa/twitter.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230072-FRA

GET
H2 204 3277062 Show response
vc.hotjar.io/sessions/ 0
258 B 155ms
48ms XHR
text/plain 18.66.112.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3277062?s=0.25&r=0.1184021832426374
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.4ed09ad592101c54e9e4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-79.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: 0rbRt7HN2CdHhvaaKub7SIY5IGfTOi5DNBOLVGqYpLjUhv6Cp8Yzhg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 81ms
31ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZDFST2V94E&gtm=45je39i0&_p=525570306&_gaz=1&cid=1485268901.1695249557&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1695249556&sct=1&seg=0&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFST2V94E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 92ms
27ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZDFST2V94E&cid=1485268901.1695249557&gtm=45je39i0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFST2V94E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 83ms
32ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZDFST2V94E&cid=1485268901.1695249557&gtm=45je39i0&aip=1&z=106129027

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 984362182168626 Show response
connect.facebook.net/signals/config/ 420 KB
115 KB 23ms
23ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/984362182168626?v=2.9.127&r=stable&domain=donations.sa

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

03fecb606afa1785bbe52915817fe764db0b4f3007644cdd8cd55f134c363c32

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 20 Sep 2023 22:39:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 117358
x-xss-protection: 0
pragma: public
x-fb-debug: dEryG2FjDKCjdgyoWVsolpCr7ODcreSvKkmuCUrLnavJpMaYEfJ6eTZhbJLhCvLPTFEa/QsXu6Sp9Limy0Zqag==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
204 B 28ms
27ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=525570306&t=pageview&_s=1&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=601994668&gjid=1574514340&cid=1485268901.1695249557&tid=UA-166822255-1&_gid=573286715.1695249557&_r=1&gtm=457e39i0&jsscut=1&z=237372897

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 237 KB
83 KB 34ms
34ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MVKZZ4JFZZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPBTDHC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b91492d44a545978056524ce910f5ecfc36001978a6cdf29ef2d837beee5b511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84870
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Sep 2023 22:39:16 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
83 B 31ms
29ms XHR
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=525570306&t=pageview&_s=1&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgUABAAAAACAAI~&jid=1994828328&gjid=84745401&cid=1485268901.1695249557&tid=UA-166822255-1&_gid=573286715.1695249557&_slc=1&gtm=45He39i0n81PPBTDHC&cd1=1&z=1997033928

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ebba02658e65406a3e2c22578966a4db79f3cdf269c34a47998b588b0540026d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 28ms
27ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-166822255-1&cid=1485268901.1695249557&jid=1994828328&gjid=84745401&_gid=573286715.1695249557&_u=aCDAgUABAAAAAGAAI~&z=346991054

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 20 Sep 2023 22:39:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 22ms
21ms Script
text/javascript 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPBTDHC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 20 Sep 2023 21:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 3295
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Sep 2023 23:44:21 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 19ms
19ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPBTDHC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230072-FRA

GET
H2 200 scevent.min.js Show response
sc-static.net/ 38 KB
16 KB 38ms
37ms Script
application/javascript 54.192.87.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPBTDHC
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.87.248 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-87-248.ams50.r.cloudfront.net
Software: CloudFront /
Resource Hash: 28be27d04ce0ebac3fcd2862aa85bd45139b448cfa41647480b6a9f0180289e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 00:00:06 GMT
content-encoding: gzip
via: 1.1 40299f499171d28c4f5fd30234a9d098.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS50-C1
age: 81550
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
access-control-allow-headers: Content-Type
content-length: 16452
x-amz-cf-id: dZwSjMWGNQUxWyaSlG5UUWFLQIy0IOgNMDa1uf6YPK1fk1Nvlr2yZQ==

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/340932350/ 3 KB
2 KB 118ms
36ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/340932350/?random=1695249556710&cv=11&fst=1695249556710&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2Fproject%2F877&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&bttype=purchase&auid=975538381.1695249557&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPBTDHC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

92a63f3e20b95ce42b018ef035944109d7f6c877b6190d57bcf0d1a21c384a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1653
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
378 B 278ms
206ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a37e2b76-4f8b-4933-9817-4ae48a66c7fe&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7d648527-ceb0-458e-893e-cb9147a1c7e7&tw_document_href=https%3A%2F%2Fdonations.sa%2Fproject%2F877&tw_iframe_status=0&txn_id=o73ko&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time: 188
date: Wed, 20 Sep 2023 22:39:16 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: e1215a6a000bd0f7
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: dc76654ce29c9bad436bc5ec9198b1676f5ff65dea5f62a8c37d2f1fa6028051
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 216ms
126ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=a37e2b76-4f8b-4933-9817-4ae48a66c7fe&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=7d648527-ceb0-458e-893e-cb9147a1c7e7&tw_document_href=https%3A%2F%2Fdonations.sa%2Fproject%2F877&tw_iframe_status=0&txn_id=o73ko&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 20 Sep 2023 22:39:16 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 11498f0c0f8daab9
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 442887ff1a57f64a59d4e122b1ef78a5245ed52a06b0df9fd644dcf4f479995a
content-length: 43

GET
H2 200 web-widget-main-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C004 453 KB
143 KB 47ms
47ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=faada610-2fed-4982-8e67-c819e3268784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87d29c78cbd6e6774671b07b512ffb14dfc2dc4fe512a5e1c4909df54fbaa2bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
x-amz-version-id: buuqfOo_4CCc42mcfHh3348fXV_AyXJg
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGDV2VD9YV4XJC1
age: 60598
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Nu1LAdxEDzZlmjI3Dm3s9elURU1dJyVeJt0sLRl5J7lKw8OZCoq+TAvcfQ2eqvTqdybj4c924oA=
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"39c5d5a29a88c9c1a9f281848ad16b16"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IcGxLr%2FM3NKG2h2iofQWPkwtZb%2FV11v%2BysvIp5fGDNvNJ9Q58qzZcHoWERcH7ur87WajUAawRAKlopMugw9a2698cIH9U8m2Fq8mYSBdeax6JE6D5wMDgoLH%2BnWnykg9%2FKKhigU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 809d9041ae4544f2-TXL
expires: Fri, 23 Aug 2024 03:43:40 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 33ms
32ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-166822255-1&cid=1485268901.1695249557&jid=601994668&gjid=1574514340&_gid=573286715.1695249557&_u=YADAAUAAAAAAACAAI~&z=807301788

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 20 Sep 2023 22:39:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26ea1b98-9a08-47c1-a040-a7156b886142.js Show response
tr.snapchat.com/config/sa/ 170 B
443 B 149ms
29ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/sa/26ea1b98-9a08-47c1-a040-a7156b886142.js

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

46b2fbd331a8a92a4591f8f3d708008d616b4015bdb08a9bb7287a993edbb7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://donations.sa/
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://donations.sa
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 94E3 0
201 B 141ms
30ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=26ea1b98-9a08-47c1-a040-a7156b886142&u_scsid=877e3b58-625a-4bda-91c7-1e8298a1f68c&u_sclid=cad8a12b-0979-4d78-871b-eead961d1bfe

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://donations.sa/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 20 Sep 2023 22:39:16 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
83 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDFST2V94E&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59878950d91ec1bfaf89e816b8e34520e3ce477f06ebac44dd6be668f370f2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 20 Sep 2023 22:39:16 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 90ms
36ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-166822255-1&cid=1485268901.1695249557&jid=1994828328&_u=aCDAgUABAAAAAGAAI~&z=466782485

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-166822255-1&cid=1485268901.1695249557&jid=1994828328&_u=aCDAgUABAAAAAGAAI~&z=466782485

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 99ms
20ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=984362182168626&ev=PageView&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&rl=&if=false&ts=1695249556798&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1695249556796.1527424496&it=1695249556639&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Sep 2023 22:39:16 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 70ms
31ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-166822255-1&cid=1485268901.1695249557&jid=601994668&_u=YADAAUAAAAAAACAAI~&z=731672460

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 36ms
35ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-166822255-1&cid=1485268901.1695249557&jid=601994668&_u=YADAAUAAAAAAACAAI~&z=731672460

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 30ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MVKZZ4JFZZ&gtm=45je39i0&_p=525570306&cid=1485268901.1695249557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1695249556&sct=1&seg=0&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MVKZZ4JFZZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
45 B 28ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MVKZZ4JFZZ&gtm=45je39i0&_p=525570306&cid=1485268901.1695249557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&sid=1695249556&sct=1&seg=1&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MVKZZ4JFZZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame C004 16 KB
3 KB 36ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d450631b020073cc1285c8b7dfa34593ba8b5eb2e9482a7e9e3891e06148346

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
x-amz-version-id: Gb950S5306bStT2XGhy0_xYQToJJizIu
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG5JY3ZKNAS3HE4
age: 60582
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: oNG5Ntj5cIQX9pB+KpoQsWttJQwfnlmqXVnKqc4qOFacRRgtvMtYAbbyB0VHIxcp6lc+OesNPZ4=
last-modified: Thu, 24 Aug 2023 03:43:43 GMT
server: cloudflare
etag: W/"8f649b5684cbdc6de706c3ee378b158a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIurnFkk7miKN60zaCwM301N%2FT%2Fr8on34gvkC1v2sofGwvTpbGLoRYRwatW29KfGrf8q6f4szMiqMHs%2FIvIEuciNBrpv9cXy8HMgtT5HJWwOuH8bOWuh5xQtitC6svv30W256p8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 809d9042dffc44f2-TXL
expires: Fri, 23 Aug 2024 03:43:42 GMT

GET
H2 200 web-widget-4852-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C004 139 KB
47 KB 33ms
33ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
x-amz-version-id: nYMPFR.iqtfU72nwkjhPOt8gBbfBzGZl
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGCP8S6B2XHPP58
age: 60597
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: AuT+oKybN4nB5Mvkx1hJIyPo2uNmw4h+GFcZ09JrDffOSm6DbgfQvsDA+ZajPKAAAef06dsu/WA=
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"537006977bee3c56b5a5b9900b593d0d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLiiEdzgz920nzMFWG41kXsIQu%2BvF44UEv2XtZYhLhvSG%2BPCNuWOaG7thPQIltpSQcOjDxQwECOMcEgZ7DpLP24LOYvnkgOci76FMqTh5Qav9r%2B8gJILeZljSAbvGansk3VztoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 809d9042dffd44f2-TXL
expires: Fri, 23 Aug 2024 03:43:41 GMT

GET
H2 200 web-widget-519-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C004 24 KB
8 KB 31ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
x-amz-version-id: lxotykkgECMc9LkwVmT9pOhbgN52rwSH
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG8J2NZWKC5THX8
age: 60597
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: R7DnfRkHNkNeVzf133PKau52x0bbYErXE9ARK3reS7ZhFughyXOdFEnoYN+aeR8JiM228VrwMk8=
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuDvhflhoHu8pFxFwi6Rw4HN7Y5HEsbhTxKAFMd2R3qd7T9DLU7N7vMANCLbPVdoHXMOXL0Ejoz9WVJPM34DGMyQO1z8vNi0D141TW8GQx1781QhhnO%2FGjRgAba7ZP8yawd26oI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 809d9042dfff44f2-TXL
expires: Fri, 23 Aug 2024 03:43:41 GMT

GET
H2 200 web-widget-5178-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C004 24 KB
7 KB 29ms
28ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
x-amz-version-id: sSav_AkeQS.PdbhOQG5COPnxKLj812h0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMG3251STKFQ9FKM
age: 60597
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: h7XGjSKoVV1NTu0NySH/96sHkYopZS8N0VkC4t8Z+gHYYPwTQw8ywrZSrKAYnqVLFFQD4+G2uW0=
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OTTiNL6ypV1UqJJuBYe1ILI6NTYZdYLbcccgFiArXpqCPJjckUA3nehUQsxuMeROPREdPsoPCrG0A00PKf7XcaJ5VsPF9rDoap%2FRf9KuuiXC%2BAJd803oN7xIvxlgevFRWga1BK0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 809d9042d80344f2-TXL
expires: Fri, 23 Aug 2024 03:43:41 GMT

GET
H2 200 web-widget-9535-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C004 15 KB
6 KB 31ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b649bd0733d0e2823f6895ab6d9443a7cb8d290f291a4f1e5d130a5f7232a6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
x-amz-version-id: TQwoJrATHBNX6IVnB55aFvI.RS16xjhS
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGAMQ4077S2XA66
age: 60597
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: uViUx8KmoHCTjqqY2bcVTYL28P1ozHM2jacPeOgTeFTjovWO5ldg/Z/3mt5UGZdrnKSMg+plaf9VHSj1hAlQKA==
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"e3df43ad3700a0c6a03da6179cd57460"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTNE0k85DfXxpaIqGW2SCP4aLW2ePJ9YJTN8vvqosf47A8zwykvu7rV5%2Fuq%2FrBxxc9Dxefw9u2%2FlEPCE%2F3sia1oWb853nzWd2TwcANUWVuBaDAuwGA%2FFAC9SFJzfGSvXhLzpXBk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 809d9042d80544f2-TXL
expires: Fri, 23 Aug 2024 03:43:40 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/340932350/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/340932350/?random=672382582&cv=11&fst=1695249556710&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonat...
https://www.google.com/pagead/1p-conversion/340932350/?random=672382582&cv=11&fst=1695249556710&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2Fproject%2F8...
https://www.google.de/pagead/1p-conversion/340932350/?random=672382582&cv=11&fst=1695249556710&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2Fproject%2F87...

42 B
64 B

34ms
34ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/340932350/?random=672382582&cv=11&fst=1695249556710&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2Fproject%2F877&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=975538381.1695249557&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVVBQ3VPbWtjM2JnQ0loRm54eGxwUzczVDg3anVlSFRVdFk5NXBXLVlTYkVNRG5jQWxuGldDaEFJOExDcXFBWVF4S0xpNlB5dzFZa2hFaTBBNFVGZEE1ZDhMNUluR3RXLWZJeXd6YkRyN3lFdC1NanlKN21mSnZlYVBMM2llNTkyNjdRMW5SZzRYQk0iEwj3rI_doLqBAxUlTOUKHck5DcA&is_vtc=1&ocp_id=lHQLZfeSMqWYlQfJ87SADA&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEtyM07ngs7Kd3UiDnEWsQIQ-IS0V4aA5TRQ&random=161104440&ipr=y

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/340932350/?random=672382582&cv=11&fst=1695249556710&bg=ffffff&guid=ON&async=1&gtm=45He39i0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2Fproject%2F877&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=975538381.1695249557&uamb=0&uaw=0&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExDcXFBWVFtX25kaW9UWjlib2VFaVVBQ3VPbWtjM2JnQ0loRm54eGxwUzczVDg3anVlSFRVdFk5NXBXLVlTYkVNRG5jQWxuGldDaEFJOExDcXFBWVF4S0xpNlB5dzFZa2hFaTBBNFVGZEE1ZDhMNUluR3RXLWZJeXd6YkRyN3lFdC1NanlKN21mSnZlYVBMM2llNTkyNjdRMW5SZzRYQk0iEwj3rI_doLqBAxUlTOUKHck5DcA&is_vtc=1&ocp_id=lHQLZfeSMqWYlQfJ87SADA&eitems=ChAI8LCqqAYQtI6Fo7_Yl9Q1Eh0Aj_HEtyM07ngs7Kd3UiDnEWsQIQ-IS0V4aA5TRQ&random=161104440&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p
tr.snapchat.com/ 68 B
299 B 33ms
32ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=26ea1b98-9a08-47c1-a040-a7156b886142&ev=PAGE_VIEW&intg=gtm&u_hem=FFF7b7416ec1f35b8a794c92887c2c62529b2179b6fa911173803c59c0c463ba572&pl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&bt=1d53c387&if=false&d_bvs=%5B%5D&huah=true&m_dcl=847&m_df=true&m_dv=true&m_fcps=1722&m_pi=847&m_pl=847&m_pv=2&m_rd=2324&m_sl=0&m_sh=1200&m_sw=1600&rf=&trackId=8bb6b810-31e6-4966-a431-8f087fa8e8b3&ts=1695249556972&u_c1=e627305c-f72f-4db6-87e5-4a0cd7c58654&u_sclid=cad8a12b-0979-4d78-871b-eead961d1bfe&u_scsid=877e3b58-625a-4bda-91c7-1e8298a1f68c&v=3.2.0-2309151847

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

OPTIONS
H2 204 pv
donation-support.zendesk.com/frontendevents/ Frame 0
0 155ms
70ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donation-support.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 809d9043ddf3aca3-TXL
date: Wed, 20 Sep 2023 22:39:17 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLKrANUTZXYR%2FVXw3onZGutNXf2AubcKOvTucLi3KDxB%2B%2BXXrHy2zUb0i5ff8B8EqqWCY5XffVIJ%2F39KwofHJkimQwmyw7l1NuJx%2BfnhT6fflSSlQJwuczzkW7t%2BPr%2FkyWEaOkqcnQYU525Ic08%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 809d9043ddf3aca3-TXL
x-zendesk-zorg: yes

GET
H2 200 web-widget-1042-4b22769.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C004 9 KB
4 KB 39ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1042-4b22769.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63c6af93792a61982b7d9c578adbc9253db6ba03cb0363b48673e5a091ca1d81

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:17 GMT
x-amz-version-id: L5NRPnsEDhQnfqpFygg3o.2hcVaO_odI
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: DMGC4SPC4MJH6E45
age: 60597
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 5zqnWFRO0Cx/20hujbAcSzp5bNVXeZ981ydjJn25A0VPfYohYDlkTNLYRr4XO5xJLjsiEPADAk0=
last-modified: Thu, 24 Aug 2023 03:43:42 GMT
server: cloudflare
etag: W/"1023abe67070c50aec7a33d6068cc72e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aC4pjIaA9jWGqbRIM9tUe1pBwlWIZg0s87YEU6JlqqAYLVIn63Dvj5H2HYO7C2Io%2F5tUl%2Bpaa4XMZ2b1JcAJ7yqFq95f1QONrcLY3mwbhbWiE6lymURPlyN6XjrVVLWdF%2BEGITI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 809d9043489244f2-TXL
expires: Fri, 23 Aug 2024 03:43:40 GMT

POST
H2 200 pv
donation-support.zendesk.com/frontendevents/ Frame C004 0
0 59ms
59ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donation-support.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Sep 2023 22:39:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kv%2BFs28xfqzWRxw5bZ9l0RyPUtROA28fHibM7nQJwEicSUyz5VNfkv2MkkVUNGTkkeAbIhDUGFvCted7UfqUP1bYgG8oVshWO8XtqDgenKzEB74skbnC%2B2kuhAyUoUZPEGNFEFfVnZYgldcRlLQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 809d90443e78aca3-TXL
content-length: 0
x-request-id: 809d90443e78aca3-TXL

GET
H2 200 config Show response
donation-support.zendesk.com/embeddable/ Frame C004 1009 B
1 KB 184ms
99ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donation-support.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abe035119b659da2bc121046eba03d3d8bd2f212449adb2adb64102b4997cce0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-789b4c785-jk7cq
x-cached: MISS
x-request-id: 809d9043ddf4aca3-WAW
x-runtime: 0.001614
last-modified: Wed, 20 Sep 2023 22:39:17 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kHbpJkMDoWlsXtd118YGsQkZ9ZIn3N%2BMplp2rfnN1lqhSJV9l9ECUJYM2bNriT7aYXgYyHkWVYZmgGHXaaz393QWRWrvpE5zP%2B440cYdvKz0OfSxDBHjpgbOQadTrh1WExqxoNy38mxIYoW%2FQ8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 809d9043ddf4aca3-TXL

GET
H3 200 p
tr.snapchat.com/ 68 B
87 B 34ms
34ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=26ea1b98-9a08-47c1-a040-a7156b886142&ev=PAGE_VIEW&intg=gtm&u_hem=FFF7b7416ec1f35b8a794c92887c2c62529b2179b6fa911173803c59c0c463ba572&pl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&bt=1d53c387&if=false&d_bvs=%5B%5D&huah=true&m_dcl=847&m_df=true&m_dv=true&m_fcps=1722&m_pi=847&m_pl=847&m_pv=2&m_rd=2423&m_sl=0&m_sh=1200&m_sw=1600&rf=&trackId=0a39d700-9d2b-484c-91ec-338ab18a9837&ts=1695249557070&u_c1=e627305c-f72f-4db6-87e5-4a0cd7c58654&u_sclid=cad8a12b-0979-4d78-871b-eead961d1bfe&u_scsid=877e3b58-625a-4bda-91c7-1e8298a1f68c&v=3.2.0-2309151847

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

POST
H3 200 hm
tr.snapchat.com/ 68 B
88 B 41ms
33ms Ping
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/hm

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 20 Sep 2023 22:39:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/json
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-transform
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 877 Show response
api.donations.sa/projects/ 3 KB
3 KB 124ms
122ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/projects/877

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-09f2e8c4.3f6b636e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

9889e03333527c0312e1de90af0f3b38a0dfa3709543ef7b3606d1a5f184e2d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
x-request-id: 3dc49870-23ea-423e-ba9b-d8e65e1a07c4
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3dc49870-23ea-423e-ba9b-d8e65e1a07c4
x-runtime: 0.023663
referrer-policy: strict-origin-when-cross-origin
etag: W/"9889e03333527c0312e1de90af0f3b38"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: MISS

GET
H2 200 regions Show response
api.donations.sa/ 2 KB
2 KB 99ms
98ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/regions?per_page=25

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-09f2e8c4.3f6b636e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

204e6440b76ac2a16900802185ad4c0b8b9c87b7e69ede0ad90c65e1828ccdb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
x-request-id: 3dc49870-23ea-423e-ba9b-d8e65e1a07c4
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4f5f037e-0706-4bbd-926f-1de4819a30e2
x-runtime: 0.005520
referrer-policy: strict-origin-when-cross-origin
etag: W/"204e6440b76ac2a16900802185ad4c0b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: HIT

GET
H2 200 sf_animal_types Show response
api.donations.sa/ 111 B
637 B 99ms
98ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/sf_animal_types?page=0&per_page=10000

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-09f2e8c4.3f6b636e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

fc848a30ac377327155f0e44e88cb199e180032b1ddbe1482505596b7d225b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
x-request-id: 3dc49870-23ea-423e-ba9b-d8e65e1a07c4
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: c7a4d03a-8286-4924-b328-8cfe66e1a840
x-runtime: 0.006425
referrer-policy: strict-origin-when-cross-origin
etag: W/"fc848a30ac377327155f0e44e88cb199"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: STALE

OPTIONS
H2 200 hm
tr.snapchat.com/ Frame 0
0 32ms
30ms Preflight 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.snapchat.com/hm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.43.190.35.bc.googleusercontent.com
Software: API Gateway /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: https://donations.sa
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 20 Sep 2023 22:39:16 GMT
server: API Gateway
via: 1.1 google

OPTIONS
H2 200 877
api.donations.sa/projects/ Frame 0
0 99ms
97ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/projects/877
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

OPTIONS
H2 200 regions
api.donations.sa/ Frame 0
0 99ms
98ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/regions?per_page=25
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

OPTIONS
H2 200 sf_animal_types
api.donations.sa/ Frame 0
0 100ms
98ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/sf_animal_types?page=0&per_page=10000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

OPTIONS
H2 200 global_settings
api.donations.sa/ Frame 0
0 99ms
98ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/global_settings
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

OPTIONS
H2 200 available_proposes
api.donations.sa/projects/ Frame 0
0 98ms
97ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/projects/available_proposes
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

GET
H2 200 global_settings Show response
api.donations.sa/ 108 B
632 B 100ms
99ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/global_settings

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-09f2e8c4.3f6b636e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

2f0c55d18635ef599631e6051edbc7b2205dcfd41dfe2f57f30a8ad35dd23df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
x-request-id: 3dc49870-23ea-423e-ba9b-d8e65e1a07c4
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4f5f037e-0706-4bbd-926f-1de4819a30e2
x-runtime: 0.003934
referrer-policy: strict-origin-when-cross-origin
etag: W/"2f0c55d18635ef599631e6051edbc7b2"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: HIT

GET
H2 200 available_proposes Show response
api.donations.sa/projects/ 97 B
624 B 98ms
97ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/projects/available_proposes

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-09f2e8c4.3f6b636e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

d8e3f695777148a697d183754990ce9ac6fb387d3ce57062fca438728582b0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
x-request-id: 3dc49870-23ea-423e-ba9b-d8e65e1a07c4
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 4f5f037e-0706-4bbd-926f-1de4819a30e2
x-runtime: 0.037247
referrer-policy: strict-origin-when-cross-origin
etag: W/"d8e3f695777148a697d183754990ce9a"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: STALE

GET
H2 200 63957888c5a8c40105218fef Show response
donation-support.zendesk.com/embeddable/campaigns/ Frame C004 904 B
730 B 120ms
119ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donation-support.zendesk.com/embeddable/campaigns/63957888c5a8c40105218fef
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-4b22769.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbb3928757a16d75ffbe0335371c415d745b3003326b5d92526067ae5e5dde49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 22:39:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-789b4c785-jk7cq
x-cached: MISS
x-request-id: 809d90440e3daca3-WAW
x-runtime: 0.001412
last-modified: Wed, 20 Sep 2023 22:39:17 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypql0x44wAYmZYuhK5v8qvXNrLED2M4nmmzOyNEqZ7yqMiYQUNpNKK9WCOHt3I4b8CnL7i4N9%2FpQQrcHsEqyL%2FhLYIlRxjYG45tG97B352%2FyEUMG%2Bs1%2FYyw%2FMzQaPRQIohmtmSDbXayxojulVws%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=15, public, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 809d90440e3daca3-TXL

OPTIONS
H2 200 recommended_projects
api.donations.sa/projects/877/ Frame 0
0 99ms
99ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/projects/877/recommended_projects
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

GET
H2 200 icon-share.eca8b3df.svg
donations.sa/img/ 1 KB
1 KB 97ms
96ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-share.eca8b3df.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 88e6a43bcf4e5dbcbea1ef43c8170d6b9f34fb7221ba2386cc65a7b7aa85bac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-49d"
content-length: 1181
content-type: image/svg+xml

GET
H2 200 icon-telegram.f989bb6d.svg
donations.sa/img/ 418 B
522 B 99ms
98ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-telegram.f989bb6d.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: ee1b48f80768c90788f2d5ad18b08ecf03018b34801e92a199084fd4c13519b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-1a2"
content-length: 418
content-type: image/svg+xml

GET
H2 200 icon-twitter.546d203f.svg
donations.sa/img/ 848 B
952 B 97ms
96ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-twitter.546d203f.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 8bf9912b50f4833163aaa120988899b07a0969c12e9bf00121dbc9f626005485

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-350"
content-length: 848
content-type: image/svg+xml

GET
H2 200 icon-whatsapp.6cbe6dce.svg
donations.sa/img/ 974 B
1 KB 98ms
97ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-whatsapp.6cbe6dce.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: c1e0f3de0d74b71afc1c829b5fe13794dab875596d3dfe6ff4b49796e65cf275

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-3ce"
content-length: 974
content-type: image/svg+xml

GET
H2 200 general-community.13657556.svg
donations.sa/img/ 2 KB
2 KB 98ms
97ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/general-community.13657556.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: b78be4c3aad16be931566668275f952ac4ef33a638c71b2fe1d6420b5259b71a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-70a"
content-length: 1802
content-type: image/svg+xml

GET
H2 200 icon-location.3d010472.svg
donations.sa/img/ 845 B
950 B 98ms
98ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-location.3d010472.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 9920d0676fce2d3a4f80dee5fb41b92ab8bf5c07cd00e56ecd5fd06da27c133f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-34d"
content-length: 845
content-type: image/svg+xml

GET
H2 200 recommended_projects Show response
api.donations.sa/projects/877/ 19 KB
20 KB 230ms
230ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/projects/877/recommended_projects

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-09f2e8c4.3f6b636e.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

4ad570868b8f1c173122fc83a75ff6ba5ff0b493cc1efd04d5c954c5555c87b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
x-request-id: 3dc49870-23ea-423e-ba9b-d8e65e1a07c4
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 3dc49870-23ea-423e-ba9b-d8e65e1a07c4
x-runtime: 0.130469
referrer-policy: strict-origin-when-cross-origin
etag: W/"4ad570868b8f1c173122fc83a75ff6ba"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: MISS

GET
H/1.1 200
OK 4qv5olhby4zpgcizeihul2us6agk
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 102 KB
103 KB 803ms
119ms Image
image/jpeg 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/4qv5olhby4zpgcizeihul2us6agk?response-content-disposition=inline%3B%20filename%3D%22MicrosoftTeams-image%20%25282%2529.png%22%3B%20filename%2A%3DUTF-8%27%27MicrosoftTeams-image%2520%25282%2529.png&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=cf6ba6fef64d1f9a90f5f7f1293d398daceff512aa3847b271759fab93cdef06
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 235c916ed83ef708062ac22befe07f264fa426a08d7deb2d06e5ea4fc8d24697

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 00eed8ca-aaa3-402f-bfde-7f096a712581
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: V4eQP8thC5fZ01jheT10UQ==
x-amz-request-id: jed-1:5OGZqqJNm99HWtMH23cSEk6imPyDRgoixxdUe1V9u-I2LmGKc1zuznr3sE0J3dzj
content-disposition: inline; filename="MicrosoftTeams-image %282%29.png"; filename*=UTF-8''MicrosoftTeams-image%20%282%29.png
Content-Length: 104622
last-modified: Tue, 28 Feb 2023 11:13:19 GMT
opc-request-id: jed-1:5OGZqqJNm99HWtMH23cSEk6imPyDRgoixxdUe1V9u-I2LmGKc1zuznr3sE0J3dzj
x-api-id: s3-compatible
etag: "5787903fcb610b97d9d358e1793d7451"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-meta-mtime: 1632302624

GET
H2 200 fa-regular-400.1d17afb0.woff2
donations.sa/fonts/ 142 KB
142 KB 98ms
98ms Font
font/woff2 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/fonts/fa-regular-400.1d17afb0.woff2
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07

Request headers

Referer: https://donations.sa/css/chunk-09f2e8c4.73241717.css
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Fri, 28 Jul 2023 10:00:15 GMT
etag: W/"64c391af-236b0"
content-type: font/woff2

GET
H/1.1 200
OK ai1r43trlhqa9da1mdj8qr0bjz6i
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 40 KB
41 KB 507ms
169ms Image
image/jpeg 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ai1r43trlhqa9da1mdj8qr0bjz6i?response-content-disposition=inline%3B%20filename%3D%221594077%253F%253F8730ktmp.jpg%22%3B%20filename%2A%3DUTF-8%27%271594077%25D8%25A8%25D8%25A88730ktmp.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=7f41f6fd9c40e9e4ca6a37bb96049457608214b4afd57ba3297d79bcf991a1f3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 773afca3f4a74ebf98d36934fe196ba6d2bfbf8f1f16f6e5950dc1d10bf6bade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 6229a505-dd4a-4286-a567-af997572aa33
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: weJ+gwKbr84MAmW6Ra6lWw==
x-amz-request-id: jed-1:cI98XAl5RQiNAMADFRMUVY_XCNOjb6Hj_iMBi55J1cqkL3vEVAfERpJfSYx6ku13
content-disposition: inline; filename="1594077%3F%3F8730ktmp.jpg"; filename*=UTF-8''1594077%D8%A8%D8%A88730ktmp.jpg
Content-Length: 40525
last-modified: Tue, 28 Feb 2023 11:24:07 GMT
opc-request-id: jed-1:cI98XAl5RQiNAMADFRMUVY_XCNOjb6Hj_iMBi55J1cqkL3vEVAfERpJfSYx6ku13
x-api-id: s3-compatible
etag: "c1e27e83029bafce0c0265ba45aea55b"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-meta-mtime: 1630349877

GET
H/1.1 200
OK o9mkinbx0lpmda1pa5341awa3oj3
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 45 KB
46 KB 465ms
122ms Image
image/jpeg 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/o9mkinbx0lpmda1pa5341awa3oj3?response-content-disposition=inline%3B%20filename%3D%221594078%253F%253F%253F7372gqvl.jpg%22%3B%20filename%2A%3DUTF-8%27%271594078%25D9%258A%25D9%258A%25D9%258A7372gqvl.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=00787cbf3ed8f17b1cd13f99b62dd2196c2eb539abab942d9b5b79347752d154
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 9af4dc042719cb34971bf7f7b3bd919e44bf622f6b14c4de5bf1b0de234c02d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 64cacd8f-1292-4228-a1bb-370c373c91e3
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: 3DcZe0Kj5WvLR6yRAk6d6A==
x-amz-request-id: jed-1:G-YtREwZDgSeKOHEkxqHJLGYhmDqt4HEg9gE9WvZrNqotpxjXgtBmL-wQmRm2b3Y
content-disposition: inline; filename="1594078%3F%3F%3F7372gqvl.jpg"; filename*=UTF-8''1594078%D9%8A%D9%8A%D9%8A7372gqvl.jpg
Content-Length: 45961
last-modified: Tue, 28 Feb 2023 11:50:04 GMT
opc-request-id: jed-1:G-YtREwZDgSeKOHEkxqHJLGYhmDqt4HEg9gE9WvZrNqotpxjXgtBmL-wQmRm2b3Y
x-api-id: s3-compatible
etag: "dc37197b42a3e56bcb47ac91024e9de8"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-meta-mtime: 1630350051

GET
H/1.1 200
OK vu6jchxoya4e95dset50l5ae1m46
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 40 KB
41 KB 502ms
144ms Image
image/jpeg 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/vu6jchxoya4e95dset50l5ae1m46?response-content-disposition=inline%3B%20filename%3D%221594077%253F%253F8730ktmp.jpg%22%3B%20filename%2A%3DUTF-8%27%271594077%25D8%25A8%25D8%25A88730ktmp.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=f19ec3c9da4bc49ac35b2c2e8d6e612defd702baa899b247a81776753ce0a111
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 773afca3f4a74ebf98d36934fe196ba6d2bfbf8f1f16f6e5950dc1d10bf6bade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: da1384f9-6a0d-4ed4-b2c1-a3e5e8bfe03e
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: weJ+gwKbr84MAmW6Ra6lWw==
x-amz-request-id: jed-1:U0Uiura1kFmolBweswkAIDSHyKVelclzCy8ReSrjeim8l6vuAS_7oczcXIKHwmQJ
content-disposition: inline; filename="1594077%3F%3F8730ktmp.jpg"; filename*=UTF-8''1594077%D8%A8%D8%A88730ktmp.jpg
Content-Length: 40525
last-modified: Tue, 28 Feb 2023 12:04:11 GMT
opc-request-id: jed-1:U0Uiura1kFmolBweswkAIDSHyKVelclzCy8ReSrjeim8l6vuAS_7oczcXIKHwmQJ
x-api-id: s3-compatible
etag: "c1e27e83029bafce0c0265ba45aea55b"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-meta-mtime: 1630350200

GET
H/1.1 200
OK oeno7quemx77zwdqsyi6eruja6sq
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 116 KB
117 KB 506ms
140ms Image
image/jpeg 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/oeno7quemx77zwdqsyi6eruja6sq?response-content-disposition=inline%3B%20filename%3D%22MicrosoftTeams-image%20%25285%2529jhjhjhj.jpg%22%3B%20filename%2A%3DUTF-8%27%27MicrosoftTeams-image%2520%25285%2529jhjhjhj.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=d3de65c37d97fd2e604ade9b83a5bb9fc52984e8a962a7276dc4830b4b410353
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 88c86cad531af25ec4d245348e0d09c5bc72ddbeded898d23a878bf06eca1851

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: a98f538c-39f2-402c-bceb-7f92be2c6e1a
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: DSZLssbpTxLSJQn26WiGgg==
x-amz-request-id: jed-1:25vWFnCFYpPzfVxZOFNecmAXSfc57Xk3Qph9hDr5dl42vzo0wnKedz8iL7tQnXDt
content-disposition: inline; filename="MicrosoftTeams-image %285%29jhjhjhj.jpg"; filename*=UTF-8''MicrosoftTeams-image%20%285%29jhjhjhj.jpg
Content-Length: 118365
last-modified: Tue, 28 Feb 2023 11:50:20 GMT
opc-request-id: jed-1:25vWFnCFYpPzfVxZOFNecmAXSfc57Xk3Qph9hDr5dl42vzo0wnKedz8iL7tQnXDt
x-api-id: s3-compatible
etag: "0d264bb2c6e94f12d22509f6e9688682"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-meta-mtime: 1632320666

GET
H/1.1 200
OK m3ej205j5xgtpx61pv4pfhpl09ha
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 152 KB
153 KB 816ms
127ms Image
image/jpeg 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/m3ej205j5xgtpx61pv4pfhpl09ha?response-content-disposition=inline%3B%20filename%3D%22%253F%253F%253F%253F%253F%20%253F%253F%253F%253F.jpg%22%3B%20filename%2A%3DUTF-8%27%27%25D9%2583%25D9%2581%25D8%25A7%25D9%2584%25D8%25A9%2520%25D9%2585%25D8%25B9%25D9%2584%25D9%2585.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=bfd6c03fbb86852aca4ba3ef3a6ea3b7f651c516bedca71a1cc4d926bc32ccd6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: d74e4e013110890db5f47dda2599ff4ca433d7705aa73915710efa7fedf2ffc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 33bab699-e4db-4586-b5dd-fda21d6eedac
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: 33zaNbE01t7I0DMYuEjYFA==
x-amz-request-id: jed-1:MgIKccvfQwAoK9bxr3KKR_Br0-Q71swy7zlP5jsrryQfm7p4W7INPndBgAr9R5Xn
content-disposition: inline; filename="%3F%3F%3F%3F%3F %3F%3F%3F%3F.jpg"; filename*=UTF-8''%D9%83%D9%81%D8%A7%D9%84%D8%A9%20%D9%85%D8%B9%D9%84%D9%85.jpg
Content-Length: 155549
last-modified: Sun, 02 Jul 2023 07:01:19 GMT
opc-request-id: jed-1:MgIKccvfQwAoK9bxr3KKR_Br0-Q71swy7zlP5jsrryQfm7p4W7INPndBgAr9R5Xn
x-api-id: s3-compatible
etag: "df7cda35b134d6dec8d03318b848d814"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes

GET
H/1.1 200
OK 5bgjy6ooxslnpxkcrmz7uhvqu4qc
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 243 KB
244 KB 485ms
234ms Image
image/jpeg 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/5bgjy6ooxslnpxkcrmz7uhvqu4qc?response-content-disposition=inline%3B%20filename%3D%22%253F%253F%253F%20%253F%253F%253F%253F%20.jpg%22%3B%20filename%2A%3DUTF-8%27%27%25D9%2581%25D8%25B1%25D8%25B4%2520%25D8%25AC%25D8%25A7%25D9%2585%25D8%25B9%2520.jpg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=1814d99fbdb25740c6714c8f823e16d8da08531b1ba9bb363d64651470866a0c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: fb5a11b52ce1bce54d8fb83ab17294f18bd1caae07f5d6a6a6f5c77b7f9f5a89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 572679a5-278b-42dd-abff-1b77ac14c191
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: 5G9KEYC2UySEMiZC8OY3QA==
x-amz-request-id: jed-1:xd00_0Zp98wFvJcoJ998ugekRxYJsR52rZjHo16r8VZGDmkXa9OT9C30c5DMdKmH
content-disposition: inline; filename="%3F%3F%3F %3F%3F%3F%3F .jpg"; filename*=UTF-8''%D9%81%D8%B1%D8%B4%20%D8%AC%D8%A7%D9%85%D8%B9%20.jpg
Content-Length: 248629
last-modified: Mon, 14 Aug 2023 08:29:04 GMT
opc-request-id: jed-1:xd00_0Zp98wFvJcoJ998ugekRxYJsR52rZjHo16r8VZGDmkXa9OT9C30c5DMdKmH
x-api-id: s3-compatible
etag: "e46f4a1180b6532484322642f0e63740"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes

GET
H/1.1 200
OK nf3au2xvu0q3jha19hh9lfyypro9
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 77 KB
78 KB 118ms
117ms Image
image/jpeg 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/nf3au2xvu0q3jha19hh9lfyypro9?response-content-disposition=inline%3B%20filename%3D%220FBCDAC2-09D6-4F35-9874-D60AB39B8E2C.jpeg%22%3B%20filename%2A%3DUTF-8%27%270FBCDAC2-09D6-4F35-9874-D60AB39B8E2C.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=9dcf4c140175ebcfba6c91b85cbb81a26535e4e46b801b929de803f39fa04e37
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: b7afb41c08a5f2e79cf1ef98d99863156c4887bf57f44250058c66462bf52084

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 12e5ebfc-d460-4690-9f6b-b4ce9a9dc78e
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: tebmUfnlYqhHIfLp3spRNA==
x-amz-request-id: jed-1:lZTg0xULJUnqEjl3tLmaATak9W8wY0SG5bI_KhVuhwkkyoV0Z8fAl7eOmPa4KeMr
content-disposition: inline; filename="0FBCDAC2-09D6-4F35-9874-D60AB39B8E2C.jpeg"; filename*=UTF-8''0FBCDAC2-09D6-4F35-9874-D60AB39B8E2C.jpeg
Content-Length: 79028
last-modified: Tue, 28 Feb 2023 11:48:29 GMT
opc-request-id: jed-1:lZTg0xULJUnqEjl3tLmaATak9W8wY0SG5bI_KhVuhwkkyoV0Z8fAl7eOmPa4KeMr
x-api-id: s3-compatible
etag: "b5e6e651f9e562a84721f2e9deca5134"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-meta-mtime: 1646022505

GET
H2 200 pin.54fdc3a7.svg
donations.sa/img/ 857 B
962 B 96ms
96ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/pin.54fdc3a7.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 294fee2592fcd17a99abb7a2d42206ba16d53f5e723a399b48da5d968a646006

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/project/877
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

last-modified: Fri, 28 Jul 2023 10:00:15 GMT
accept-ranges: bytes
etag: "64c391af-359"
content-length: 857
content-type: image/svg+xml

GET
H/1.1 200
OK tawympb3jncahiscboxuzhtjsr2u
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 142 KB
143 KB 124ms
123ms Image
image/png 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/tawympb3jncahiscboxuzhtjsr2u?response-content-disposition=inline%3B%20filename%3D%22%253F%253F%253F%253F%253F%253F%253F%20%253F%253F%253F%253F%253F%253F%253F%20%253F%253F%253F%253F%253F%253F%20%253F%253F%253F%253F%253F%253F%20%253F%253F%253F%253F%253F%253F%20%253F%253F%253F%253F.png%22%3B%20filename%2A%3DUTF-8%27%27%25D8%25A7%25D9%2584%25D8%25AC%25D9%2585%25D8%25B9%25D9%258A%25D8%25A9%2520%25D8%25A7%25D9%2584%25D8%25AE%25D9%258A%25D8%25B1%25D9%258A%25D8%25A9%2520%25D9%2584%25D8%25AA%25D8%25AD%25D9%2581%25D9%258A%25D8%25B8%2520%25D8%25A7%25D9%2584%25D9%2582%25D8%25B1%25D8%25A2%25D9%2586%2520%25D8%25A7%25D9%2584%25D9%2583%25D8%25B1%25D9%258A%25D9%2585%2520%25D8%25A8%25D8%25AC%25D8%25AF%25D8%25A9.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=b95a0b9b375ccae7dbf3db4a0a44780f39064678128b45515adff18c7d0475b0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: c5b55e1dbbff7d32090541404ffc611d3615f638cf591f53c4ff8c46fbc6eda0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 0080246e-3c76-44df-a1dd-5ca222e43261
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: pHXmDpeDle+9iTOq1HeCgQ==
x-amz-request-id: jed-1:x6y54B6kVa_p3mbCwlDs9xhV28nsp3EEEDt-kQP-oJyBJEpI0-FI0Ro9b92auomX
content-disposition: inline; filename="%3F%3F%3F%3F%3F%3F%3F %3F%3F%3F%3F%3F%3F%3F %3F%3F%3F%3F%3F%3F %3F%3F%3F%3F%3F%3F %3F%3F%3F%3F%3F%3F %3F%3F%3F%3F.png"; filename*=UTF-8''%D8%A7%D9%84%D8%AC%D9%85%D8%B9%D9%8A%D8%A9%20%D8%A7%D9%84%D8%AE%D9%8A%D8%B1%D9%8A%D8%A9%20%D9%84%D8%AA%D8%AD%D9%81%D9%8A%D8%B8%20%D8%A7%D9%84%D9%82%D8%B1%D8%A2%D9%86%20%D8%A7%D9%84%D9%83%D8%B1%D9%8A%D9%85%20%D8%A8%D8%AC%D8%AF%D8%A9.png
Content-Length: 145464
last-modified: Tue, 28 Feb 2023 11:59:29 GMT
opc-request-id: jed-1:x6y54B6kVa_p3mbCwlDs9xhV28nsp3EEEDt-kQP-oJyBJEpI0-FI0Ro9b92auomX
x-api-id: s3-compatible
etag: "a475e60e978395efbd8933aad4778281"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/png
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-meta-mtime,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-meta-mtime: 1637667419

GET
H/1.1 200
OK v0tjqgimnvofu6ojhjoaj7gk2ye8
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 62 KB
63 KB 115ms
115ms Image
image/jpeg 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/v0tjqgimnvofu6ojhjoaj7gk2ye8?response-content-disposition=inline%3B%20filename%3D%22%253F%253F%253F%253F%20%253F%253F%253F%253F%253F%20%253F%253F%253F%253F%253F%253F%253F.jpeg%22%3B%20filename%2A%3DUTF-8%27%27%25D8%25B4%25D8%25B9%25D8%25A7%25D8%25B1%2520%25D8%25AC%25D9%2585%25D8%25B9%25D9%258A%25D8%25A9%2520%25D8%25A7%25D9%2584%25D9%2585%25D8%25B3%25D8%25A7%25D8%25AC%25D8%25AF.jpeg&response-content-type=image%2Fjpeg&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20230920%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20230920T223917Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=5a1a71fa53a96f558ce147f8159193dc60896b456c1a0ce8f9cfbe042c4e12da
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: e2770269b649c6185f24dc3952e46f090bf8e1b622abcfa747a8452d0bc665fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

x-amz-version-id: 366529e4-8313-472c-ac71-1d8326ced9d3
date: Wed, 20 Sep 2023 22:39:18 GMT
content-md5: qpNMBAVS3CdsztuWgJrj9g==
x-amz-request-id: jed-1:WnHCDcCx_YXzZ0qAwxpyTFZ-tMGviyqyL_NR5FP7dMCZlskq4r8LHqEUp1p9b2jt
content-disposition: inline; filename="%3F%3F%3F%3F %3F%3F%3F%3F%3F %3F%3F%3F%3F%3F%3F%3F.jpeg"; filename*=UTF-8''%D8%B4%D8%B9%D8%A7%D8%B1%20%D8%AC%D9%85%D8%B9%D9%8A%D8%A9%20%D8%A7%D9%84%D9%85%D8%B3%D8%A7%D8%AC%D8%AF.jpeg
Content-Length: 63449
last-modified: Fri, 05 May 2023 21:01:44 GMT
opc-request-id: jed-1:WnHCDcCx_YXzZ0qAwxpyTFZ-tMGviyqyL_NR5FP7dMCZlskq4r8LHqEUp1p9b2jt
x-api-id: s3-compatible
etag: "aa934c040552dc276ccedb96809ae3f6"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=984362182168626&ev=Microdata&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&rl=&if=false&ts=1695249558302&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D8%A7%D9%...
https://www.facebook.com/tr/?cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8...

0
31 B

19ms
19ms

Image
text/plain

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&coo=false&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&ec=1&es=automatic&ev=Microdata&fbp=fb.1.1695249556796.1527424496&id=984362182168626&if=false&it=1695249556639&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=3&ts=1695249558302&v=2.9.127

Protocol

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 20 Sep 2023 22:39:18 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

pragma: no-cache
date: Wed, 20 Sep 2023 22:39:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&coo=false&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&ec=1&es=automatic&ev=Microdata&fbp=fb.1.1695249556796.1527424496&id=984362182168626&if=false&it=1695249556639&o=30&r=stable&redirect=0&rl=&rqm=GET&sh=1200&sw=1600&tm=3&ts=1695249558302&v=2.9.127
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

POST collect
region1.google-analytics.com/g/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MVKZZ4JFZZ&gtm=45je39i0&_p=525570306&cid=1485268901.1695249557&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=3&sid=1695249556&sct=1&seg=1&dl=https%3A%2F%2Fdonations.sa%2Fproject%2F877&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&en=scroll&epn.percent_scrolled=90&_et=16

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 14:55:35	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.donations.sa/	1970-01-20 23:39:45	Name: _hjSessionUser_3277062 Value: eyJpZCI6ImQwODEyZDE5LWQyZWUtNTk1Yy05NmRlLWEwZTBmNTA5NzAzOSIsImNyZWF0ZWQiOjE2OTUyNDk1NTY0MzgsImV4aXN0aW5nIjpmYWxzZX0=
.donations.sa/	1970-01-20 14:54:11	Name: _hjFirstSeen Value: 1
.donations.sa/	1970-01-20 14:54:09	Name: _hjIncludedInSessionSample_3277062 Value: 0
.donations.sa/	1970-01-20 14:54:11	Name: _hjSession_3277062 Value: eyJpZCI6ImY4Zjc1ZTg3LWNjZTMtNDgyZi1hYTRkLTAyZjBlNmYyNDk2YiIsImNyZWF0ZWQiOjE2OTUyNDk1NTY0NzgsImluU2FtcGxlIjpmYWxzZX0=
.donations.sa/	1970-01-20 14:54:11	Name: _hjAbsoluteSessionInProgress Value: 1
.donations.sa/	1970-01-21 00:30:09	Name: _ga_ZDFST2V94E Value: GS1.1.1695249556.1.0.1695249556.60.0.0
.donations.sa/	1970-01-20 14:55:35	Name: _gid Value: GA1.2.573286715.1695249557
.donations.sa/	1970-01-20 14:54:09	Name: _gat_gtag_UA_166822255_1 Value: 1
.donations.sa/	1970-01-20 17:03:45	Name: _gcl_au Value: 1.1.975538381.1695249557
.donations.sa/	1970-01-20 14:54:09	Name: _dc_gtm_UA-166822255-1 Value: 1
.donations.sa/	1970-01-21 00:23:56	Name: _scid Value: e627305c-f72f-4db6-87e5-4a0cd7c58654
.donations.sa/	1970-01-20 17:03:45	Name: _fbp Value: fb.1.1695249556796.1527424496
.donations.sa/	1970-01-21 00:23:56	Name: _scid_r Value: e627305c-f72f-4db6-87e5-4a0cd7c58654
.donations.sa/	1970-01-21 00:30:09	Name: _ga Value: GA1.1.1485268901.1695249557
.donations.sa/	1970-01-21 00:30:09	Name: _ga_MVKZZ4JFZZ Value: GS1.1.1695249556.1.1.1695249556.0.0.0
.twitter.com/	1970-01-21 00:30:09	Name: guest_id_marketing Value: v1%3A169524955687111255
.twitter.com/	1970-01-21 00:30:09	Name: guest_id_ads Value: v1%3A169524955687111255
.twitter.com/	1970-01-21 00:30:09	Name: personalization_id Value: "v1_TCr0ejkBHpvDovRrf5o/DA=="
.twitter.com/	1970-01-21 00:30:09	Name: guest_id Value: v1%3A169524955687111255
.t.co/	1970-01-21 00:30:09	Name: muc_ads Value: a4fd05df-1a79-47b6-917b-5656cf7b8444
.snapchat.com/	1970-01-21 00:15:45	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIAgDsItIGHEazkGnV3C87YIXcWHIoI3csoojA/aTdLxwuzGTMZKc7R+RZ8VyMgAAAA==
.doubleclick.net/	1970-01-20 14:54:10	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.donations.sa
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com
connect.facebook.net
donation-support.zendesk.com
donations.sa
ekr.zdassets.com
fonts.googleapis.com
googleads.g.doubleclick.net
region1.analytics.google.com
region1.google-analytics.com
sc-static.net
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
region1.google-analytics.com
104.16.51.111
104.18.70.113
104.18.72.113
104.244.42.195
104.244.42.5
108.156.60.58
13.227.219.3
134.70.100.3
146.75.116.157
172.217.18.2
18.66.112.79
2001:4860:4802:34::36
2001:4860:4802:38::178
207.127.96.77
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:400c:c0c::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
35.190.43.134
54.192.87.248
02a747960fe7c155e79dbfcc060e2f854c55cb44215e271aa420a226d7f7dad1
03fecb606afa1785bbe52915817fe764db0b4f3007644cdd8cd55f134c363c32
043e371d4a512c450a215b9668a8b652e8149ff23eec2195decffb1ee134742e
045e45e82a5c14f5a72cba62a7f11e0a82ca77d438367a3bc98a698ca0b05759
061d8e496ea41b0008863b88049740079dbdad9bf3c31781f7a5fc624323007a
08b076171b517189af1f22c052d9314faf8d5992adac2f6e2112703672e29549
099aecc6e6609eb595e1d4649edd152e2fd58109afda4a612ecd9eba978d4a83
0d90069b88706826498a27b1ca465f4079e6a7e686ced494c82b8999010a5e2e
15ad2d6413f612c23c6b87f93b92ed9124986e950b809b8bd54f7a345e3c84bd
1885d31c4c4782e8356d4d8df25ed069bab1e520377498d26c91e1296ddb39d0
1d450631b020073cc1285c8b7dfa34593ba8b5eb2e9482a7e9e3891e06148346
1dc0b98a2d9f8873cd8bba1376b763a6f15b0f90993e0b7e00d35eba9b08e5e1
204e6440b76ac2a16900802185ad4c0b8b9c87b7e69ede0ad90c65e1828ccdb4
21244bacf0cd406e0c2b7742eb67f2c9ab4bb91e7ed5f9eb524308520f3a7694
235c916ed83ef708062ac22befe07f264fa426a08d7deb2d06e5ea4fc8d24697
26130d7c7b1b95a71729073b8afc240c3dec31aaa67ff2d4e7eb065bfb9db3a8
27628ae091cf34bb40b82a3061c7c112add19712286286846333e46713dea6e5
27f25e25548db93895cb1297ce29e3eda3c9dd19b9cb489531c3c6e72c25c124
28be27d04ce0ebac3fcd2862aa85bd45139b448cfa41647480b6a9f0180289e3
294fee2592fcd17a99abb7a2d42206ba16d53f5e723a399b48da5d968a646006
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e0ad82330f539d6a7b21f48bad9d70af5ee1cdcf2abbabc3dc2ed9c2b9e7442
2f0c55d18635ef599631e6051edbc7b2205dcfd41dfe2f57f30a8ad35dd23df7
30fa8a0749dc0bb92c4288b4943ef149f7d78cd2bf12e2f8d85dd8b8e9a9934a
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3afba0278000027442ccc792f53e973de2e0c1bbfdeef3999e52bc9a6b261f03
3ec0b8df59897ac5ea6a49beb181980c55eca17e05fac676ccec4877706ab36a
3f1debe1ac6066919736837125f1f35a225efcd0f56c5cf0a9a9b86b537d656a
3f3074ee77def4f5989b7916a4e069766c64b354aa48c622fdb08ab3a69b9a84
46b2fbd331a8a92a4591f8f3d708008d616b4015bdb08a9bb7287a993edbb7f1
47f2a76ad3b65df0396aeda0f0598804e347e4d82fb686f840c0a7fa96d62d50
4ad570868b8f1c173122fc83a75ff6ba5ff0b493cc1efd04d5c954c5555c87b8
4b649bd0733d0e2823f6895ab6d9443a7cb8d290f291a4f1e5d130a5f7232a6d
4c26780c3c620681ada032bd94f4f9b2a861fe5a9e9236b56ea7b8743e775c07
506bf502727bf7f6d04e2d89644915ca02e9be653639c9a8a99f650484e7c816
50bfee41764a3c7187c7270fbe10d3a63dda404b7fa65aaeeb79adb6f90af078
5973e900044b7ba7f027b9ff2d3657e3a36ffe467ca3b93a94a8dfffd9712de8
59878950d91ec1bfaf89e816b8e34520e3ce477f06ebac44dd6be668f370f2bb
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
5f88e83abd49a4b489750efbdf94cdac5a4d5f10eacd1142c755393eae43e3bf
63c6af93792a61982b7d9c578adbc9253db6ba03cb0363b48673e5a091ca1d81
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
6a58e48f4d19343df1d2a23fd1cac27a4b8b8c151b2f6919d00fdd90b4e411de
72c4f6732695498372e04875b8b916ea64ce6478cfe8e47649ddecf78761dbc5
74081f7f1484afd31b61d46b9d8b1539f2213cd695aa1788a0770925f0422dd2
773afca3f4a74ebf98d36934fe196ba6d2bfbf8f1f16f6e5950dc1d10bf6bade
7741efc17a8c3ca83bc702a8c2b351238cb2222fa29562ea501838410910df02
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87d29c78cbd6e6774671b07b512ffb14dfc2dc4fe512a5e1c4909df54fbaa2bf
8838edf59d534383bbed1cbfe3b65e01300ffa70171a5219094724d8963409ea
88c86cad531af25ec4d245348e0d09c5bc72ddbeded898d23a878bf06eca1851
88e6a43bcf4e5dbcbea1ef43c8170d6b9f34fb7221ba2386cc65a7b7aa85bac3
8bf9912b50f4833163aaa120988899b07a0969c12e9bf00121dbc9f626005485
8c9aa9a6f60be7eb2abf8bf2bdbf9f991709ef5b41a2a1ddc9c2a0e7c1e015b5
8d916586dfc524ef2bd907065a2f066dbe4994b52d2bff4533878f0095a2c593
8fe9228e8ed4c718c9c88bf5c7b035d0043f3ac9667962d90c1352eecaf145e9
900280cf188bec620bda3b04a4c276e5a2ee8cefd50291bf94ccdf9ef5e8b14f
92a63f3e20b95ce42b018ef035944109d7f6c877b6190d57bcf0d1a21c384a28
9311074c8ac69efb461ef9c3f6fadc79e9bba0695eb1b302831ec3f6c3f3693b
968c6fcac3e0e3e68dc963603ab6c958bdd38f0de1dbb1d9b4aa5cd5a16a2762
97d6fadc215c74f7c0742b9653d5c7743c09a71278f9614dc0d774a3b72f7bef
9889e03333527c0312e1de90af0f3b38a0dfa3709543ef7b3606d1a5f184e2d9
9920d0676fce2d3a4f80dee5fb41b92ab8bf5c07cd00e56ecd5fd06da27c133f
9af4dc042719cb34971bf7f7b3bd919e44bf622f6b14c4de5bf1b0de234c02d3
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a272e8baf743246bfecfccf0e186b404a765cda6121df9113c5be651ffb628b1
abe035119b659da2bc121046eba03d3d8bd2f212449adb2adb64102b4997cce0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b78be4c3aad16be931566668275f952ac4ef33a638c71b2fe1d6420b5259b71a
b7afb41c08a5f2e79cf1ef98d99863156c4887bf57f44250058c66462bf52084
b91492d44a545978056524ce910f5ecfc36001978a6cdf29ef2d837beee5b511
bbb3928757a16d75ffbe0335371c415d745b3003326b5d92526067ae5e5dde49
c1e0f3de0d74b71afc1c829b5fe13794dab875596d3dfe6ff4b49796e65cf275
c2c943793cbe241f60b49f7d29d002b6ed3cfe438a2a1a6d367cf5243526bb91
c5b55e1dbbff7d32090541404ffc611d3615f638cf591f53c4ff8c46fbc6eda0
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d74e4e013110890db5f47dda2599ff4ca433d7705aa73915710efa7fedf2ffc2
d8e3f695777148a697d183754990ce9ac6fb387d3ce57062fca438728582b0f2
dd6fcbce64c5f9ff581c3add894dcac7bde7f5605ea48cf152a98a4c232e388e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e20b4113f490c79fe88206fd2556c651f8c5529bef438d566d3319c53a88eab8
e2770269b649c6185f24dc3952e46f090bf8e1b622abcfa747a8452d0bc665fe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8c80820aa6a0a3bffab4bd83ca5c883d7bdfde75e99bc715ff5fa2aed648377
ebba02658e65406a3e2c22578966a4db79f3cdf269c34a47998b588b0540026d
ee1b48f80768c90788f2d5ad18b08ecf03018b34801e92a199084fd4c13519b5
eeaa0b020ab959147cf2be3829f127b354c30c4fc02e4c055443660e202089fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0dbab6a7c19e880e91990af9be1cb8eee4bb8ce97bd98a1237aeff3a5ee3be7
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
f5cd7b64a89f67a152eb71279dbc465aa5c0204e67ff65d9cfa86c0f4ccac850
fb5a11b52ce1bce54d8fb83ab17294f18bd1caae07f5d6a6a6f5c77b7f9f5a89
fc848a30ac377327155f0e44e88cb199e180032b1ddbe1482505596b7d225b2b
fddb46ba7713e65fe80b841abc388d34ebcca8aa9de29659dd120ce70da32c50

donations.sa Open in urlscan Pro 207.127.96.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

98 %HTTPS

42 %IPv6

20 Domains

26 Subdomains

24 IPs

5 Countries

3406 kBTransfer

6374 kBSize

23 Cookies

3 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donations.sa Open in urlscan Pro
207.127.96.77 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

98 %
HTTPS

42 %
IPv6

20
Domains

26
Subdomains

24
IPs

5
Countries

3406 kB
Transfer

6374 kB
Size

23
Cookies

124 HTTP transactions
0 data transactions