donations.sa Open in urlscan Pro
207.127.96.77 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://donations.sa/
Effective URL:
https://donations.sa/
Submission: On November 16 via api (November 16th 2023, 7:44:55 am UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 19 domains to perform 95 HTTP transactions. The main IP is 207.127.96.77, located in Eastern Province, Saudi Arabia and belongs to ORACLE-BMC-31898, US. The main domain is donations.sa.
TLS certificate: Issued by R3 on November 3rd 2023. Valid for: 3 months.

This is the only time donations.sa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 46	207.127.96.77 207.127.96.77	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
8	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
1	18.65.39.84 18.65.39.84	() ()
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.207.250 143.204.207.250	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
5	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
4	104.16.53.111 104.16.53.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	134.70.100.3 134.70.100.3	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
95	22

46 207.127.96.77 (Eastern Province, Saudi Arabia) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

donations.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.donations.sa	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.84 (United States)

ASN- ()
PTR: server-18-65-39-84.ams1.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.207.250 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-250.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.53.111 (None, )

ASN13335 (CLOUDFLARENET, US)

donation-support.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.70.100.3 (Eastern Province, Saudi Arabia)

ASN31898 (ORACLE-BMC-31898, US)

axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	donations.sa 1 redirects donations.sa api.donations.sa	603 KB
9	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2137 ekr.zdassets.com — Cisco Umbrella Rank: 2470	218 KB
5	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 874	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2462	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	403 KB
4	zendesk.com donation-support.zendesk.com	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6862	689 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
4	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901	61 KB
1	oraclecloud.com axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com	335 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	186 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 747	723 B
1	t.co t.co — Cisco Umbrella Rank: 607	377 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 713	15 KB
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1161	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
95	19

	Domain	Requested by
35	donations.sa	1 redirects donations.sa
11	api.donations.sa	donations.sa
8	static.zdassets.com	donations.sa static.zdassets.com
5	tr.snapchat.com	sc-static.net
5	www.googletagmanager.com	donations.sa www.googletagmanager.com www.google-analytics.com
4	donation-support.zendesk.com	static.zdassets.com
4	www.google.de
3	www.google.com	1 redirects
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	donations.sa connect.facebook.net
1	axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com
1	www.facebook.com
1	googleads.g.doubleclick.net	1 redirects
1	analytics.twitter.com
1	t.co
1	region1.analytics.google.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.ads-twitter.com	donations.sa
1	sc-static.net	donations.sa
1	ekr.zdassets.com	static.zdassets.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	donations.sa
1	fonts.googleapis.com	donations.sa
95	25

This site contains links to these domains. Also see Links.

Domain
wa.link
twitter.com
www.instagram.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
donations.sa R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
zdassets.com E1	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sc-static.net Amazon RSA 2048 M02	`2023-01-20` - `2024-02-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-25` - `2023-11-23`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.snap.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
donation-support.zendesk.com Cloudflare Inc ECC CA-3	`2023-09-21` - `2024-09-20`	a year	crt.sh
*.compat.objectstorage.me-jeddah-1.oraclecloud.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-31` - `2024-08-31`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://donations.sa/
Frame ID: 895AA65831E2351E6C535612D2B5D188
Requests: 78 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
Frame ID: D626060D14583C447B697626B055B931
Requests: 10 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=26ea1b98-9a08-47c1-a040-a7156b886142&u_scsid=c3041010-3860-414d-9c4d-70b7a3060ad1&u_sclid=facb8f9a-2ad5-4269-b95a-3d8fc965009a
Frame ID: DE3C531CB01BBE0A056E130AE2E21199
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

المنصة الوطنية للتبرعات | تبرع

Page URL History Show full URLs

http://donations.sa/ HTTP 301
https://donations.sa/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

95
Requests

99 %
HTTPS

43 %
IPv6

19
Domains

25
Subdomains

22
IPs

5
Countries

1771 kB
Transfer

4253 kB
Size

23
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.link/7syi15

Search URL Search Domain Scan URL

URL: https://twitter.com/DonationsSA

Search URL Search Domain Scan URL

URL: https://www.instagram.com/DonationsSA

Search URL Search Domain Scan URL

URL: https://apps.apple.com/sa/app/%D8%AA%D8%A8%D8%B1%D8%B9/id1550578715

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.takamol.donations

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://donations.sa/ HTTP 301
https://donations.sa/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/340932350/?random=1658452972&cv=11&fst=1700120690905&bg=ffffff&guid=ON&async=1&gtm=45He3b81v892690771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2F&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=577876579.1700120691&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=cshVZY2YPI6vgQethZe4CA&sscte=1&crd=&eitems=ChAIgPXRqgYQmbfSz9jul8MIEh0A-5dRF4-wnIOpK09XYHV49O0sGscgKI8al0QcJQ&pscrd=EkxDaEFJZ1BYUnFnWVEyTlRlMDcyMzZ2Z3RFaVVBbGtOUDRyRnhtZ3ZncjRRR19aa1k0VkpaUHF0S2hoRFF0NkNIc1BJcnhTODlCR1RZGldDaEFJZ1BYUnFnWVFuTmljdU1qUHlva2lFaTBBaExaRUZkZ19RZFV3SlpCQ3lSOXZvNjZ5X2VQTWg2Szgxb0hpbHJRVWE0ZnZaNmJmbzg5TWU4X0J6VVEiEwiNmfKOg8iCAxWOV-AKHa3CBYc HTTP 302
https://www.google.com/pagead/1p-conversion/340932350/?random=1658452972&cv=11&fst=1700120690905&bg=ffffff&guid=ON&async=1&gtm=45He3b81v892690771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2F&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=577876579.1700120691&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ1BYUnFnWVEyTlRlMDcyMzZ2Z3RFaVVBbGtOUDRyRnhtZ3ZncjRRR19aa1k0VkpaUHF0S2hoRFF0NkNIc1BJcnhTODlCR1RZGldDaEFJZ1BYUnFnWVFuTmljdU1qUHlva2lFaTBBaExaRUZkZ19RZFV3SlpCQ3lSOXZvNjZ5X2VQTWg2Szgxb0hpbHJRVWE0ZnZaNmJmbzg5TWU4X0J6VVEiEwiNmfKOg8iCAxWOV-AKHa3CBYc&is_vtc=1&ocp_id=cshVZY2YPI6vgQethZe4CA&cid=CAQSGwDICaaNP4BvQ4-V3YCnDvXLf-PLKOQcvtNXxA&eitems=ChAIgPXRqgYQmbfSz9jul8MIEh0A-5dRF3fzOStWEpa0_UxLKi4UPQuJvBHV4sIfVQ&random=3198589054 HTTP 302
https://www.google.de/pagead/1p-conversion/340932350/?random=1658452972&cv=11&fst=1700120690905&bg=ffffff&guid=ON&async=1&gtm=45He3b81v892690771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2F&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=577876579.1700120691&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ1BYUnFnWVEyTlRlMDcyMzZ2Z3RFaVVBbGtOUDRyRnhtZ3ZncjRRR19aa1k0VkpaUHF0S2hoRFF0NkNIc1BJcnhTODlCR1RZGldDaEFJZ1BYUnFnWVFuTmljdU1qUHlva2lFaTBBaExaRUZkZ19RZFV3SlpCQ3lSOXZvNjZ5X2VQTWg2Szgxb0hpbHJRVWE0ZnZaNmJmbzg5TWU4X0J6VVEiEwiNmfKOg8iCAxWOV-AKHa3CBYc&is_vtc=1&ocp_id=cshVZY2YPI6vgQethZe4CA&cid=CAQSGwDICaaNP4BvQ4-V3YCnDvXLf-PLKOQcvtNXxA&eitems=ChAIgPXRqgYQmbfSz9jul8MIEh0A-5dRF3fzOStWEpa0_UxLKi4UPQuJvBHV4sIfVQ&random=3198589054&ipr=y

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
donations.sa/
Redirect Chain

http://donations.sa/
https://donations.sa/

1 KB
932 B

373ms
108ms

Document
text/html

207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 104d4a361d63560abe63cfc7f47886ed6e235e9e8e3142b319e019ac7116d20e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
etag: W/"652e8884-5ee"
last-modified: Tue, 17 Oct 2023 13:13:40 GMT

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 16 Nov 2023 07:44:49 GMT
Location: https://donations.sa/
Server: nginx

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
1 KB 168ms
117ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Manrope:wght@400;600&display=swap

Requested by

Host: donations.sa
URL: https://donations.sa/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d916586dfc524ef2bd907065a2f066dbe4994b52d2bff4533878f0095a2c593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 16 Nov 2023 07:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 07:44:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Nov 2023 07:44:49 GMT

GET
H2 200 chunk-vendors.e40f9d3a.js Show response
donations.sa/js/ 73 KB
30 KB 219ms
218ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-vendors.e40f9d3a.js
Requested by: Host: donations.sa
URL: https://donations.sa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 506bf502727bf7f6d04e2d89644915ca02e9be653639c9a8a99f650484e7c816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Thursday, 16-Nov-2023 07:44:49 GMT
content-type: application/javascript

GET
H2 200 app.b7df1a6a.js Show response
donations.sa/js/ 17 KB
7 KB 109ms
108ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/app.b7df1a6a.js
Requested by: Host: donations.sa
URL: https://donations.sa/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: e4cbc4de4e652eef113e1aeaba0d07f1cd5b1614ccc2a417bfa4ee90b8bf7d41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Thursday, 16-Nov-2023 07:44:49 GMT
content-type: application/javascript

GET
H2 200 config.json Show response
donations.sa/ 698 B
847 B 108ms
108ms Fetch
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/config.json?timestamp=1700120689923
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 4abd45b86f270fe8beb279404d29f55da0395203a0234ab148f60198e19d0188

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
last-modified: Thursday, 16-Nov-2023 07:44:49 GMT
accept-ranges: bytes
content-length: 698
content-type: application/json

GET
H2 200 chunk-c69c665a.db27815b.css
donations.sa/css/ 202 KB
40 KB 112ms
111ms Stylesheet
text/css 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/css/chunk-c69c665a.db27815b.css
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 2cc4c71fe62365f5fbf70fa62eebc1d3f455aa59ec1d47950872a89d0ea34d31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 17 Oct 2023 13:13:40 GMT
etag: W/"652e8884-32862"
content-type: text/css

GET
H2 200 chunk-c69c665a.dd9a79fb.js Show response
donations.sa/js/ 827 KB
282 KB 110ms
110ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-c69c665a.dd9a79fb.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: abee12d834176dc817dc996208f6043e8637b83ad3918f1aef4fd5f73948c8b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Thursday, 16-Nov-2023 07:44:50 GMT
content-type: application/javascript

GET
H2 200 hotjar-3277062.js Show response
static.hotjar.com/c/ 11 KB
5 KB 77ms
25ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3277062.js?sv=6

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-c69c665a.dd9a79fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

c18fd562faf32efe55ed11271344d774fdf718ad764a35e5c44506564edb480a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 51
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/1f3abb1a0862915258b1a80fe3a8b1c4
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: w3vNUKEIKYFTtJOFyXaEgJbbvJ6-ryMYDK5WEDQY2iq0cGYDurI47Q==

GET
H2 200 chunk-bca1e516.bf899ed9.css
donations.sa/css/ 3 KB
870 B 112ms
111ms Stylesheet
text/css 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/css/chunk-bca1e516.bf899ed9.css
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 8c9aa9a6f60be7eb2abf8bf2bdbf9f991709ef5b41a2a1ddc9c2a0e7c1e015b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 17 Oct 2023 13:13:40 GMT
etag: W/"652e8884-bbf"
content-type: text/css

GET
H2 200 chunk-bca1e516.adc3a42d.js Show response
donations.sa/js/ 3 KB
2 KB 112ms
112ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/js/chunk-bca1e516.adc3a42d.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 74081f7f1484afd31b61d46b9d8b1539f2213cd695aa1788a0770925f0422dd2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Thursday, 16-Nov-2023 07:44:50 GMT
content-type: application/javascript

GET
H2 200 icon-down.94278d0c.svg
donations.sa/img/ 467 B
572 B 112ms
110ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-down.94278d0c.svg
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-c69c665a.db27815b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 47f2a76ad3b65df0396aeda0f0598804e347e4d82fb686f840c0a7fa96d62d50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/css/chunk-c69c665a.db27815b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-1d3"
content-length: 467
content-type: image/svg+xml

GET
H2 200 icon-language.2c28581d.svg
donations.sa/img/ 2 KB
2 KB 112ms
111ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-language.2c28581d.svg
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-c69c665a.db27815b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 099aecc6e6609eb595e1d4649edd152e2fd58109afda4a612ecd9eba978d4a83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/css/chunk-c69c665a.db27815b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-735"
content-length: 1845
content-type: image/svg+xml

GET
H2 200 icon-app-store.62691038.svg
donations.sa/img/ 10 KB
10 KB 111ms
109ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-app-store.62691038.svg
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-c69c665a.db27815b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 9e594d5fb0bd95526d84ca4b89ee49fff34b81bc1ada06225ae62017a4f0bee5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/css/chunk-c69c665a.db27815b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-274f"
content-length: 10063
content-type: image/svg+xml

GET
H2 200 icon-google-market.c52e030e.svg
donations.sa/img/ 5 KB
5 KB 112ms
111ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-google-market.c52e030e.svg
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-c69c665a.db27815b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 932231731d506ee6cc7a5283f51c4f6eb3f8437316aa3f3764becc4469fa42e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/css/chunk-c69c665a.db27815b.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-12ab"
content-length: 4779
content-type: image/svg+xml

GET
H2 200 FrutigerLTArabic55Roman.d083de2a.woff2
donations.sa/fonts/ 47 KB
47 KB 113ms
112ms Font
font/woff2 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/fonts/FrutigerLTArabic55Roman.d083de2a.woff2
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-c69c665a.db27815b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: f5cd7b64a89f67a152eb71279dbc465aa5c0204e67ff65d9cfa86c0f4ccac850

Request headers

Referer: https://donations.sa/css/chunk-c69c665a.db27815b.css
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 17 Oct 2023 13:13:40 GMT
etag: W/"652e8884-ba48"
content-type: font/woff2

GET
H2 200 FrutigerLTArabic65Bold.ca4f07b5.woff2
donations.sa/fonts/ 45 KB
45 KB 112ms
111ms Font
font/woff2 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/fonts/FrutigerLTArabic65Bold.ca4f07b5.woff2
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-c69c665a.db27815b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: e8c80820aa6a0a3bffab4bd83ca5c883d7bdfde75e99bc715ff5fa2aed648377

Request headers

Referer: https://donations.sa/css/chunk-c69c665a.db27815b.css
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 17 Oct 2023 13:13:40 GMT
etag: W/"652e8884-b47c"
content-type: font/woff2

GET
H2 200 FrutigerLTArabic45Light.4da336bf.woff2
donations.sa/fonts/ 48 KB
48 KB 111ms
111ms Font
font/woff2 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/fonts/FrutigerLTArabic45Light.4da336bf.woff2
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-c69c665a.db27815b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 1dc0b98a2d9f8873cd8bba1376b763a6f15b0f90993e0b7e00d35eba9b08e5e1

Request headers

Referer: https://donations.sa/css/chunk-c69c665a.db27815b.css
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 17 Oct 2023 13:13:40 GMT
etag: W/"652e8884-c030"
content-type: font/woff2

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 88ms
35ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=faada610-2fed-4982-8e67-c819e3268784

Requested by

Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:50 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: AENNNW4RTVV2KN9D
age: 39
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ULqr8Gt/e7TCEkuSp5UAhjxXjJP6/3z8RAZWCFhCJmu2LPko/1kucw0zJ0dJOUmsaCtiUWSSkb4=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Bqi%2BWoaWuDTYrcG1SmpH%2Fixq432wPyLEUGxfjTFiPPz7Lx%2BaABo5OYrUs%2FYYmWSaD123Nl4cjFv5iFqMmxfQJCQ0x4kFYo95GVY%2FNgQFtnHWgNXP8tCvgClg7JNEBchHFYnC2s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 826e1c6c7af237dd-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 85ms
37ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-166822255-1

Requested by

Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3e949ebecc4d2cee3c50ef15adce743f6aadf32c2a9a3ff8bd1dbb964420e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68692
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 07:44:50 GMT

GET
H2 200 gtag.js Show response
donations.sa/ 547 B
510 B 172ms
168ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/gtag.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 7741efc17a8c3ca83bc702a8c2b351238cb2222fa29562ea501838410910df02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Thursday, 16-Nov-2023 07:44:50 GMT
content-type: application/javascript

GET
H2 200 pixel.js Show response
donations.sa/ 899 B
643 B 173ms
169ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/pixel.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 97d6fadc215c74f7c0742b9653d5c7743c09a71278f9614dc0d774a3b72f7bef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Thursday, 16-Nov-2023 07:44:50 GMT
content-type: application/javascript

GET
H2 200 twitter.js Show response
donations.sa/ 297 B
354 B 173ms
170ms Script
application/javascript 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/twitter.js
Requested by: Host: donations.sa
URL: https://donations.sa/js/app.b7df1a6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 5f88e83abd49a4b489750efbdf94cdac5a4d5f10eacd1142c755393eae43e3bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control: no-store, no-cache
content-encoding: gzip
last-modified: Thursday, 16-Nov-2023 07:44:50 GMT
content-type: application/javascript

GET
H2 200 logo-default-mobile.82d45164.svg
donations.sa/img/ 4 KB
5 KB 173ms
170ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/logo-default-mobile.82d45164.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 27628ae091cf34bb40b82a3061c7c112add19712286286846333e46713dea6e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-11bb"
content-length: 4539
content-type: image/svg+xml

GET
H2 200 icon-whatsApp-green.f34ba70c.svg
donations.sa/img/ 1 KB
1 KB 174ms
171ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-whatsApp-green.f34ba70c.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 8838edf59d534383bbed1cbfe3b65e01300ffa70171a5219094724d8963409ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-577"
content-length: 1399
content-type: image/svg+xml

GET
H2 200 icon-email-green.5b569f75.svg
donations.sa/img/ 778 B
882 B 172ms
169ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-email-green.5b569f75.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 02a747960fe7c155e79dbfcc060e2f854c55cb44215e271aa420a226d7f7dad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-30a"
content-length: 778
content-type: image/svg+xml

GET
H2 200 icon-twitter-green.656371e1.svg
donations.sa/img/ 858 B
963 B 173ms
170ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-twitter-green.656371e1.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 26130d7c7b1b95a71729073b8afc240c3dec31aaa67ff2d4e7eb065bfb9db3a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-35a"
content-length: 858
content-type: image/svg+xml

GET
H2 200 icon-instagram-green.535e4b69.svg
donations.sa/img/ 2 KB
2 KB 174ms
171ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-instagram-green.535e4b69.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 900280cf188bec620bda3b04a4c276e5a2ee8cefd50291bf94ccdf9ef5e8b14f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-7ac"
content-length: 1964
content-type: image/svg+xml

GET
H2 200 logo-mlsd.98b773d3.svg
donations.sa/img/ 1 KB
1 KB 174ms
171ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/logo-mlsd.98b773d3.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: b05d16b0570a045e6585fecc0fca5c711f3c14692f834924a0a92a4c0bacbd64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-46d"
content-length: 1133
content-type: image/svg+xml

GET
H2 200 whatsapp.1b325f01.svg
donations.sa/img/ 2 KB
2 KB 174ms
172ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/whatsapp.1b325f01.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 7b68c3d10b17af73b10cfb49b0c23c9cb337eed958bd321094112d23487c72f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-957"
content-length: 2391
content-type: image/svg+xml

GET
H2 200 icon-email.71ba5a07.svg
donations.sa/img/ 1 KB
1 KB 175ms
173ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-email.71ba5a07.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: d25815000c4a91a04519b7a003a9860ab3740e47e9cb9644eb45448c6e2d10e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-457"
content-length: 1111
content-type: image/svg+xml

GET
H2 200 twitter.38391100.svg
donations.sa/img/ 662 B
767 B 176ms
174ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/twitter.38391100.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 177de03a7004f06f1812bc74d3d0a09f99707babd3bca119cd202326e6a46d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-296"
content-length: 662
content-type: image/svg+xml

GET
H2 200 instagram.6f0e8028.svg
donations.sa/img/ 3 KB
3 KB 174ms
172ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/instagram.6f0e8028.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: bcd9254a611ee3df78109c6c1d854fe3bcd984183068533b3e00d02eb71816f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-b68"
content-length: 2920
content-type: image/svg+xml

GET
H2 200 footer-logo.1d512a9f.svg
donations.sa/img/ 5 KB
5 KB 175ms
173ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/footer-logo.1d512a9f.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 043e371d4a512c450a215b9668a8b652e8149ff23eec2195decffb1ee134742e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-1461"
content-length: 5217
content-type: image/svg+xml

GET
H2 200 icon-whatsapp.6231a7b9.svg
donations.sa/img/ 2 KB
2 KB 176ms
175ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-whatsapp.6231a7b9.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 9311074c8ac69efb461ef9c3f6fadc79e9bba0695eb1b302831ec3f6c3f3693b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-95a"
content-length: 2394
content-type: image/svg+xml

GET
H2 200 icon-email.f89d90c5.svg
donations.sa/img/ 778 B
882 B 173ms
172ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-email.f89d90c5.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 30fa8a0749dc0bb92c4288b4943ef149f7d78cd2bf12e2f8d85dd8b8e9a9934a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-30a"
content-length: 778
content-type: image/svg+xml

GET
H2 200 icon-twitter.a1cc8de6.svg
donations.sa/img/ 880 B
985 B 175ms
174ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-twitter.a1cc8de6.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: e20b4113f490c79fe88206fd2556c651f8c5529bef438d566d3319c53a88eab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-370"
content-length: 880
content-type: image/svg+xml

GET
H2 200 icon-instagram.059bc311.svg
donations.sa/img/ 2 KB
2 KB 175ms
174ms Image
image/svg+xml 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donations.sa/img/icon-instagram.059bc311.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 6a58e48f4d19343df1d2a23fd1cac27a4b8b8c151b2f6919d00fdd90b4e411de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

last-modified: Tue, 17 Oct 2023 13:13:40 GMT
accept-ranges: bytes
etag: "652e8884-75e"
content-length: 1886
content-type: image/svg+xml

GET
H2 200 global_settings Show response
api.donations.sa/ 138 B
663 B 490ms
112ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/global_settings

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-c69c665a.dd9a79fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

042834661753d2023db72f41309957d34f1ef93165e44433dcdfa89d5260900d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ee49a6f3-83ec-41a6-b613-c10f94c1b779
x-runtime: 0.003374
referrer-policy: strict-origin-when-cross-origin
etag: W/"042834661753d2023db72f41309957d3"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: HIT

GET
H2 200 modules.f9859f007fa31a6b8e2b.js Show response
script.hotjar.com/ 225 KB
56 KB 101ms
30ms Script
application/javascript 18.65.39.84

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.f9859f007fa31a6b8e2b.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3277062.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.65.39.84 , United States, ASN (),

Reverse DNS

server-18-65-39-84.ams1.r.cloudfront.net

Software

Resource Hash

34d58ee8dc6831f1cee0503cd43e30f6edad8ecb1317ffd9b9a9cf3f938846a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 11:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c337a55bb25a3540411fbbf6c8ad1b46.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 72764
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56977
last-modified: Wed, 15 Nov 2023 11:31:43 GMT
etag: "f565829958ae806575cfc59590c1eb6e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: O_iz4RXgTDNsNUfq28zh6EUiP07QbSx_urp69DstMLx1s3mGHPGgkA==

GET
H2 200 faada610-2fed-4982-8e67-c819e3268784 Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 255ms
193ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/faada610-2fed-4982-8e67-c819e3268784

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=faada610-2fed-4982-8e67-c819e3268784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a49796fe9c240a197e32db4d7388e3a7d3f7290c2b25dece3a012de38a21f984

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:50 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 825460b03d02bb2c-SEA, 825460b03d02bb2c-SEA
x-runtime: 0.009813
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"a49796fe9c240a197e32db4d7388e3a7"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkYkuxYYjvVHmTcTK7bcLoiy9azWNVDowld9NxH955mYKHu6%2BO8%2Bjgy8vIRrY3vIWrsu%2FKSOJS85OHrifFHtbchvbW4quG7%2FhcsnAQ0T%2FKR5vZtVpY5U3rnO6e5YT0fmABs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 826e1c6d1c863aa4-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
82 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDFST2V94E&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166822255-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f8fc9e1f5b20472667ccb155c644ae96aaa8c13beed97e505c91a27d4c3d63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83641
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 07:44:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
87 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PPBTDHC

Requested by

Host: donations.sa
URL: https://donations.sa/gtag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e02eff201fcbf7bba1565cd5f96a5fce8e005a25906066c3f7daafcba5236304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 89345
x-xss-protection: 0
last-modified: Thu, 16 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Nov 2023 07:44:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
21ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-166822255-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 16 Nov 2023 05:49:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 6909
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 16 Nov 2023 07:49:41 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 39 KB
17 KB 87ms
39ms Script
application/javascript 143.204.207.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: donations.sa
URL: https://donations.sa/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.250 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-250.fra53.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1339d97cacf1c9e291a7b552e853a97abd2b294cdec06935e6f6ec0bbf4a0728

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:50 GMT
content-encoding: gzip
via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 16941
x-amz-cf-id: vCfz_B8rJiQv2tJP5i-XEn1hbCEDuCLL1mOmmCz5LgKuvOsm0V8I-A==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 72ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: donations.sa
URL: https://donations.sa/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Nov 2023 07:44:50 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: V1+UOx67XMkbvQ5XIkhIdW/3C0DA1KxfTUrKd04GQKnx/iFEkFM+xs/hgr6BRdK/TrLqeEoqnmSdMpDqRAqFxg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 79ms
20ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: donations.sa
URL: https://donations.sa/twitter.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:50 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230137-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
83 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MVKZZ4JFZZ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPBTDHC

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3959acf5ea96e6364a9afa9b2c692ba2357de504cbb86d53abfebbc9967da81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 07:44:50 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/340932350/ 3 KB
2 KB 100ms
34ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/340932350/?random=1700120690905&cv=11&fst=1700120690905&bg=ffffff&guid=ON&async=1&gtm=45He3b81v892690771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2F&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&bttype=purchase&auid=577876579.1700120691&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PPBTDHC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

8f7d4727e18664a1630b0ed763eb2d3b18bb742cd30949f19f23c154717c068e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1653
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 76ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-ZDFST2V94E&gtm=45je3b81v9126415453&_p=1700120690797&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1746609932.1700120691&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1700120690&sct=1&seg=0&dl=https%3A%2F%2Fdonations.sa%2F&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2039
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFST2V94E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
57 B 86ms
27ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-ZDFST2V94E&cid=1746609932.1700120691&gtm=45je3b81v9126415453&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZDFST2V94E&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
409 B 90ms
40ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-ZDFST2V94E&cid=1746609932.1700120691&gtm=45je3b81v9126415453&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=188982539

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 27ms
27ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=109644619&t=pageview&_s=1&dl=https%3A%2F%2Fdonations.sa%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1080531421&gjid=514852017&cid=1746609932.1700120691&tid=UA-166822255-1&_gid=609099451.1700120691&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1566209759

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
84 B 27ms
26ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=109644619&t=pageview&_s=1&dl=https%3A%2F%2Fdonations.sa%2F&ul=en-us&de=UTF-8&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgUABAAAAACAAI~&jid=1478557082&gjid=2145705450&cid=1746609932.1700120691&tid=UA-166822255-1&_gid=609099451.1700120691&_slc=1&gtm=45He3b81n81PPBTDHCv892690771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cd1=1&z=1454510705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

ebba02658e65406a3e2c22578966a4db79f3cdf269c34a47998b588b0540026d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 68ms
27ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-166822255-1&cid=1746609932.1700120691&jid=1478557082&gjid=2145705450&_gid=609099451.1700120691&_u=YCDAgUABAAAAAGAAI~&z=1260325849

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Nov 2023 07:44:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 182ms
133ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=317e5927-8c2d-491e-b4b4-83fdf7a3bae6&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=88100ced-13cb-475f-af6a-7934cf89bb90&tw_document_href=https%3A%2F%2Fdonations.sa%2F&tw_iframe_status=0&txn_id=o73ko&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 110
date: Thu, 16 Nov 2023 07:44:50 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: ee0e1934e2395ff2
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 84d990eb5857c528a6ac6ffc9afa7522199cf743e155d68ae4538fb82b328944
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 251ms
200ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=317e5927-8c2d-491e-b4b4-83fdf7a3bae6&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=88100ced-13cb-475f-af6a-7934cf89bb90&tw_document_href=https%3A%2F%2Fdonations.sa%2F&tw_iframe_status=0&txn_id=o73ko&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-response-time: 181
date: Thu, 16 Nov 2023 07:44:50 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4de3ae67e20ba120
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a9b2b4a7a28428007dcdcca18198eb2e322155e204c729fc6bfaa1c96c332ad1
content-length: 43

GET
H2 200 984362182168626 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 161ms
160ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/984362182168626?v=2.9.138&r=stable&domain=donations.sa

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

60b2fee8a57707f84798175c80d8087f0b303c918139b09873dd7a5c5ad2da81

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 16 Nov 2023 07:44:51 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: o3Yyn2t/nEJscVT1XzusddKdQdssztmZxHZe3PpgBYqRviI/U3eDsvN25kIdci27d9v2IY1S34olF3jrZm6IDA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 web-widget-main-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame D626 435 KB
136 KB 41ms
40ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=faada610-2fed-4982-8e67-c819e3268784

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c3391b3367fab5d69bc80c43ae6659dac469373c823a7f709147d48fad19bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
x-amz-version-id: MAWFo55nmJzTCV22.OVVsjgzwIcuk5qx
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG07683BG19B9SP
age: 633832
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: vBelavEzM+F4Ko+4zGWcfhsix/dqnW0c5dM2hXHExsV321LPz971FRwckA88OeSALRfoF/dRz8w=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"9bf48d8c4bfd9e228c1cfc260b39519b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgRQPOzWh%2FdJ3lUgFm7PJ%2FSJMs7DAhZVXrEv6zsda5eEhMHLOZ5GRkus9oPxqYMnciq3R7Qi2ivG5%2FyaHaWOVuuhLLayzrlIAT8CrLUBLd6v6JQb2gRqO9bJ5SPQ86AL8Vx3Cv0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 826e1c6ebd2837dd-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
71 B 27ms
27ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-166822255-1&cid=1746609932.1700120691&jid=1080531421&gjid=514852017&_gid=609099451.1700120691&_u=YADAAUAAAAAAACAAI~&z=902457046

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 16 Nov 2023 07:44:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 27ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MVKZZ4JFZZ&gtm=45je3b81v872230336z8892690771&_p=1700120690797&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1746609932.1700120691&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700120691&sct=1&seg=0&dl=https%3A%2F%2Fdonations.sa%2F&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&en=page_view&_fv=1&_ss=1&tfd=2126
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MVKZZ4JFZZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
83 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZDFST2V94E&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c48be9f67c3ac7830457f2ccea07d32e1a8ec21f428c542b1113e788db15e458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85399
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 16 Nov 2023 07:44:51 GMT

GET
H2 200 26ea1b98-9a08-47c1-a040-a7156b886142.js Show response
tr.snapchat.com/config/sa/ 171 B
445 B 154ms
38ms Script
application/javascript 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/config/sa/26ea1b98-9a08-47c1-a040-a7156b886142.js?v=3.4.19-2311140809

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

ef93413d0da3a26d74a45494349de1ceb7a95b8b3af5f264b2cb8cdbbfca598b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://donations.sa/
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: application/javascript
access-control-allow-origin: https://donations.sa
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame DE3C 0
202 B 142ms
29ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=26ea1b98-9a08-47c1-a040-a7156b886142&u_scsid=c3041010-3860-414d-9c4d-70b7a3060ad1&u_sclid=facb8f9a-2ad5-4269-b95a-3d8fc965009a

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://donations.sa/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Thu, 16 Nov 2023 07:44:51 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 28ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-MVKZZ4JFZZ&gtm=45je3b81v872230336z8892690771&_p=1700120690797&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1746609932.1700120691&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&sid=1700120691&sct=1&seg=1&dl=https%3A%2F%2Fdonations.sa%2F&dt=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&_s=2&tfd=2151
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MVKZZ4JFZZ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donations.sa
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
409 B 78ms
29ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-166822255-1&cid=1746609932.1700120691&jid=1478557082&_u=YCDAgUABAAAAAGAAI~&z=1058233367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 38ms
36ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-166822255-1&cid=1746609932.1700120691&jid=1478557082&_u=YCDAgUABAAAAAGAAI~&z=1058233367

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 78ms
30ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-166822255-1&cid=1746609932.1700120691&jid=1080531421&_u=YADAAUAAAAAAACAAI~&z=1066807081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 35ms
33ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-166822255-1&cid=1746609932.1700120691&jid=1080531421&_u=YADAAUAAAAAAACAAI~&z=1066807081

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/340932350/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/340932350/?random=1658452972&cv=11&fst=1700120690905&bg=ffffff&guid=ON&async=1&gtm=45He3b81v892690771&gcd=11l1l1l1l1&dma_cps=sypham&...
https://www.google.com/pagead/1p-conversion/340932350/?random=1658452972&cv=11&fst=1700120690905&bg=ffffff&guid=ON&async=1&gtm=45He3b81v892690771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=12...
https://www.google.de/pagead/1p-conversion/340932350/?random=1658452972&cv=11&fst=1700120690905&bg=ffffff&guid=ON&async=1&gtm=45He3b81v892690771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=120...

42 B
64 B

33ms
32ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/340932350/?random=1658452972&cv=11&fst=1700120690905&bg=ffffff&guid=ON&async=1&gtm=45He3b81v892690771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2F&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=577876579.1700120691&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ1BYUnFnWVEyTlRlMDcyMzZ2Z3RFaVVBbGtOUDRyRnhtZ3ZncjRRR19aa1k0VkpaUHF0S2hoRFF0NkNIc1BJcnhTODlCR1RZGldDaEFJZ1BYUnFnWVFuTmljdU1qUHlva2lFaTBBaExaRUZkZ19RZFV3SlpCQ3lSOXZvNjZ5X2VQTWg2Szgxb0hpbHJRVWE0ZnZaNmJmbzg5TWU4X0J6VVEiEwiNmfKOg8iCAxWOV-AKHa3CBYc&is_vtc=1&ocp_id=cshVZY2YPI6vgQethZe4CA&cid=CAQSGwDICaaNP4BvQ4-V3YCnDvXLf-PLKOQcvtNXxA&eitems=ChAIgPXRqgYQmbfSz9jul8MIEh0A-5dRF3fzOStWEpa0_UxLKi4UPQuJvBHV4sIfVQ&random=3198589054&ipr=y

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Nov 2023 07:44:51 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/340932350/?random=1658452972&cv=11&fst=1700120690905&bg=ffffff&guid=ON&async=1&gtm=45He3b81v892690771&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fdonations.sa%2F&label=70SVCOzusaYYEP7tyKIB&hn=www.googleadservices.com&frm=0&tiba=%D8%A7%D9%84%D9%85%D9%86%D8%B5%D8%A9%20%D8%A7%D9%84%D9%88%D8%B7%D9%86%D9%8A%D8%A9%20%D9%84%D9%84%D8%AA%D8%A8%D8%B1%D8%B9%D8%A7%D8%AA%20%7C%20%D8%AA%D8%A8%D8%B1%D8%B9&value=0&auid=577876579.1700120691&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ1BYUnFnWVEyTlRlMDcyMzZ2Z3RFaVVBbGtOUDRyRnhtZ3ZncjRRR19aa1k0VkpaUHF0S2hoRFF0NkNIc1BJcnhTODlCR1RZGldDaEFJZ1BYUnFnWVFuTmljdU1qUHlva2lFaTBBaExaRUZkZ19RZFV3SlpCQ3lSOXZvNjZ5X2VQTWg2Szgxb0hpbHJRVWE0ZnZaNmJmbzg5TWU4X0J6VVEiEwiNmfKOg8iCAxWOV-AKHa3CBYc&is_vtc=1&ocp_id=cshVZY2YPI6vgQethZe4CA&cid=CAQSGwDICaaNP4BvQ4-V3YCnDvXLf-PLKOQcvtNXxA&eitems=ChAIgPXRqgYQmbfSz9jul8MIEh0A-5dRF3fzOStWEpa0_UxLKi4UPQuJvBHV4sIfVQ&random=3198589054&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 en-us-json-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame D626 16 KB
3 KB 34ms
33ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
x-amz-version-id: SVieg7ebyluTA_U51KpD8k4UW9CnNoR3
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4V5W2Q7RJ2XVY2AE
age: 627543
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: lByA2rdQsh4BEQjHFxOsk9dK9n/2W1sTVwCsDpSDzD2CncDFg3YNwYztgppKADvSYoAnLvDWRfLQIyNbDT0mTA==
last-modified: Mon, 06 Nov 2023 00:52:51 GMT
server: cloudflare
etag: W/"2d7a163ff937b4b9ea7ab13e6c8dfadf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARlLbClr%2FTpgvv2EsjsrFlC2JqjpPLLdlWQBM21Th7s8fCQYdNrNEI7XfdS2y%2BS6f7WrkV8yz2DrOrHUvXJPU6%2FKhonxGIdkqZojiMV3xW2TKdh%2FN9s%2Fr4%2BDEVqq9zxiSEOdSh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 826e1c6f7dfa37dd-FRA
expires: Tue, 05 Nov 2024 00:52:50 GMT

GET
H2 200 web-widget-4852-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame D626 139 KB
47 KB 38ms
37ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
x-amz-version-id: LLGa90fsv7bQUGdN2N0k5kLPN0aE.36G
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGB01KW3BRT43XZ
age: 633832
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: LQZNTgqY1L0ACAf+WD7vnBZnk9RvSC7cBtg1A7zmkMrUHUPZMneUa1EGMUwWSOlCU5eK5oKKD6Q=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jm8HCd9LmuL8wF3qy5c%2FWj%2FI4CBXUPXaZ2g8rEOEK1cNsvRolIxpDtfx4XoMwNYNYFFrGjD43zSBrZZcw2DTRyILP6oDibzTZ6deLFuK7Vs2GwHWgSTXZdIMiYjjVhEkvAv4x14%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 826e1c6f7dfc37dd-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 web-widget-519-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame D626 24 KB
8 KB 36ms
36ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-519-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
x-amz-version-id: c3fTu.1VTXTnJfTpV257t3CmA_E19Whc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B489Y0EH0VREEAT1
age: 368546
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tW4oGHXNWcmTGJrP2G7VhjwZAqImn9omdZnC+SKHpwfElnMetRRau0HK+nOmHVPYoxT6NkcBPGY=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"1c9884a2069c7bec6b20dac62004eb1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE7SuW6l%2FNlicVr58px4mwYMjUas7C76rNENYxvjLGh%2FL6F8nRVaAtLwgSL%2FOc86VdNf7rtLI37MVix%2FDKm41gmCWm9lyjDn9NFS0eYiBX3Yb4FEB3useyrzWsvfJMlcy5PCYFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 826e1c6f7dfd37dd-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 web-widget-5178-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame D626 24 KB
7 KB 32ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
x-amz-version-id: WUnw5FU0oRqazTz0z66hJW9BpnBWa3hS
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NGEDWDDF7CRHGKQ
age: 278001
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Jj5JStxWhYlfR+eKgiItTIEYuvnL7SUb9iZuTn3At0SRbZIxBx2x22m4PUWxdi3pcyuX1bEPqHA=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"11034f049f5eef05b26ed292ac59e1fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOVQpohZftK1zJCxJN%2F258BOWbUI2Xjbs6wtezLick%2BC40jVJQLK0Xf6Wt4fWHdC9OieeV%2Bdn40sCBvafsor%2BzWwui4LOmtFRLDv%2BoZJ9FD0jvoHQoKTsmRTOs83BF7eP96%2Fbiw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 826e1c6f7dfe37dd-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

GET
H2 200 web-widget-9535-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame D626 15 KB
6 KB 38ms
38ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
x-amz-version-id: Htn9g_potgdCgt0Ro1y4Ux_z.nUmgxGP
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5NG6ZBZNDHFNW9NW
age: 368552
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: tSaB2f1ex8mZSEUhD2z2Ko5AA2T1WHanP53UXhEyDdgyE5/zDXOabyumvM8lye7kLB+xrSDhkXYkKD+9bBzf+g==
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"d46547a6c79c8800ac99ed5408528a12"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nB8i7o5ar1uKcPNfOSuN0P1PMT9pr7HsMjL7no%2BLw91dY6oofkQR11GxEK29%2BstgFqf80q5IVkXltMJMgbfCk0pTMnOuqn65jCKvkwF4kPjzMilsM%2FBsSuS8QVxyoax9OwLKVpE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 826e1c6f7e0137dd-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

OPTIONS
H2 204 pv
donation-support.zendesk.com/frontendevents/ Frame 0
0 127ms
60ms Preflight 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donation-support.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 826e1c703a442c6a-FRA
date: Thu, 16 Nov 2023 07:44:51 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQ62jLfXxxZ4hi5Lw4hEKargrtWYZ0PWPNp1NuR7v7hze%2FoC1u%2F7yRb4gVex2f5Opw00HbSi40wt%2BGEu1XFWAeWQ77pFzYuZ7gF8NzWfjbhK7axBhr7pCORV9r0FBbTDco5CIToV0FW2geLV3%2FQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 826e1c703a442c6a-FRA
x-zendesk-zorg: yes

GET
H2 200 web-widget-1042-0345ad6.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame D626 9 KB
4 KB 30ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1042-0345ad6.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3603c1b70bbb5f69696353195f595597b370aa748de49c89d3f9e0849417b0e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
x-amz-version-id: srx2.TON3tTnlekqxwltp6Bofd5J.n0v
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 4V5KQJ3K96PHM726
age: 633829
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: +p6DQo6Y0V5HWl4oT8sIuvHHj48Ak8j3Ips0U+7EHPqK3o93vrxR40YiqGCi5J9/PnGanbx2/rM=
last-modified: Mon, 06 Nov 2023 00:52:49 GMT
server: cloudflare
etag: W/"ccda88b7a74332005ad6bc303a284640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGWKeW065rggeo84dtipPDiOZVHAf%2FSv%2FHvmONY%2Ft1G7B9tpUsusanSWRH0akfKVrTiXBNDOIXqV8gpaKdIVSPODE7tsWXNMzVpg0%2BlJOBIHxrislU9ggY%2FA5RWN0R%2BWVUt8m9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 826e1c6fce6037dd-FRA
expires: Tue, 05 Nov 2024 00:52:48 GMT

POST
H2 200 pv
donation-support.zendesk.com/frontendevents/ Frame D626 0
0 55ms
54ms Fetch 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donation-support.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iqh0NA2F72RMV9xrE9BMRxymxXS1vPTEEiSc7TDr7XQkh9N8UGCGA1iAXv0Erm1MUb7qAF1pbf5Hjl2WhYc8iRi0K8xose2mtMdKenU3A0QiHLkxm5e%2BxYt3BjKaXPuoTYmpEIl6wL0IWtjYuy4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 826e1c709a9d2c6a-FRA
content-length: 0
x-request-id: 826e1c709a9d2c6a-FRA

GET
H2 200 config Show response
donation-support.zendesk.com/embeddable/ Frame D626 862 B
1 KB 143ms
77ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donation-support.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58a2880c1f9d4399006fdbee325276c88556285cf36acd8f8dc8042167a50a62

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5d8899879d-wfh4n
x-cached: MISS
x-request-id: 826e1c703a462c6a-FRA
x-runtime: 0.002475
last-modified: Thu, 16 Nov 2023 07:08:31 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYpH6deXzNI5TcTJmJsGbQ9C%2BacR%2BLrQWFhUMgrZXZXNV%2FLrD2Pktey1SYksgWhkGLCBcjiKXZCCDWbvyHHE%2FH5pVXo1mHHETwli7oBgJExmrT0HngFkdaKZLQnI5n14n2%2F3iy52kaL6I7rUmxk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 826e1c703a462c6a-FRA

OPTIONS
H2 200 sections
api.donations.sa/ Frame 0
0 115ms
112ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/sections?section_type=LandingSection&view=landing_section
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

OPTIONS
H2 200 projects_areas
api.donations.sa/ Frame 0
0 114ms
113ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/projects_areas
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

OPTIONS
H2 200 widgets
api.donations.sa/ Frame 0
0 114ms
112ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/widgets
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

OPTIONS
H2 200 available_proposes
api.donations.sa/projects/ Frame 0
0 114ms
113ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/projects/available_proposes
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

GET
H2 200 sections Show response
api.donations.sa/ 1 KB
2 KB 112ms
111ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/sections?section_type=LandingSection&view=landing_section

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-c69c665a.dd9a79fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

a8aa11e026ead5762ba13b3dbee9a5db8a9352af9a8c9a012a0da2f6ccd23b08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-request-id: ee49a6f3-83ec-41a6-b613-c10f94c1b779
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: fbba2a2b-103a-4e9c-ac43-898bd544d011
x-runtime: 0.008574
referrer-policy: strict-origin-when-cross-origin
etag: W/"a8aa11e026ead5762ba13b3dbee9a5db"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: STALE

GET
H2 200 projects_areas Show response
api.donations.sa/ 29 B
555 B 114ms
114ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/projects_areas

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-c69c665a.dd9a79fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

8bb856cc738122148d0412a90b1d28e53f43e44ad8ec760ca9ccace426835296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-request-id: ee49a6f3-83ec-41a6-b613-c10f94c1b779
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: fbba2a2b-103a-4e9c-ac43-898bd544d011
x-runtime: 0.009663
referrer-policy: strict-origin-when-cross-origin
etag: W/"8bb856cc738122148d0412a90b1d28e5"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: STALE

GET
H2 200 widgets Show response
api.donations.sa/ 169 B
695 B 113ms
112ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/widgets

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-c69c665a.dd9a79fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

8fd6cdac1799a538b560e029e901964bbacaad92f4bda2119e77e909f58a55ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-request-id: ee49a6f3-83ec-41a6-b613-c10f94c1b779
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: fbba2a2b-103a-4e9c-ac43-898bd544d011
x-runtime: 0.833734
referrer-policy: strict-origin-when-cross-origin
etag: W/"8fd6cdac1799a538b560e029e901964b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: STALE

GET
H2 200 available_proposes Show response
api.donations.sa/projects/ 97 B
624 B 113ms
113ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/projects/available_proposes

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-c69c665a.dd9a79fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

d8e3f695777148a697d183754990ce9ac6fb387d3ce57062fca438728582b0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-request-id: ee49a6f3-83ec-41a6-b613-c10f94c1b779
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: ee49a6f3-83ec-41a6-b613-c10f94c1b779
x-runtime: 0.029414
referrer-policy: strict-origin-when-cross-origin
etag: W/"d8e3f695777148a697d183754990ce9a"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: STALE

GET
H2 200 /
www.facebook.com/tr/ 0
186 B 66ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=984362182168626&ev=PageView&dl=https%3A%2F%2Fdonations.sa%2F&rl=&if=false&ts=1700120691175&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700120691174.534380569&ler=empty&it=1700120690977&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 16 Nov 2023 07:44:51 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 p
tr.snapchat.com/ 68 B
267 B 32ms
31ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=26ea1b98-9a08-47c1-a040-a7156b886142&ev=PAGE_VIEW&intg=gtm&u_hem=FFF7b7416ec1f35b8a794c92887c2c62529b2179b6fa911173803c59c0c463ba572&pids=26ea1b98-9a08-47c1-a040-a7156b886142&u_c1=d938a488-b320-4b9a-ab45-3abe08c226f0&u_sclid=facb8f9a-2ad5-4269-b95a-3d8fc965009a&u_scsid=c3041010-3860-414d-9c4d-70b7a3060ad1&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=1025&m_fcps=1699&m_pi=1025&m_pl=1025&m_pv=2&m_rd=2361&m_sh=1200&m_sl=1&m_sw=1600&pl=https%3A%2F%2Fdonations.sa%2F&trackId=a2297adf-bd66-440b-ac49-a3598aa0c222&ts=1700120691261&v=3.4.19-2311140809

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 p
tr.snapchat.com/ 68 B
307 B 30ms
30ms Image
image/png 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=26ea1b98-9a08-47c1-a040-a7156b886142&ev=PAGE_VIEW&intg=gtm&u_hem=FFF7b7416ec1f35b8a794c92887c2c62529b2179b6fa911173803c59c0c463ba572&pids=26ea1b98-9a08-47c1-a040-a7156b886142&u_c1=d938a488-b320-4b9a-ab45-3abe08c226f0&u_sclid=facb8f9a-2ad5-4269-b95a-3d8fc965009a&u_scsid=c3041010-3860-414d-9c4d-70b7a3060ad1&bt=1d53c387&d_bvs=%5B%5D&df=true&huah=true&m_dcl=1025&m_fcps=1699&m_pi=1025&m_pl=1025&m_pv=2&m_rd=2362&m_sh=1200&m_sl=1&m_sw=1600&pl=https%3A%2F%2Fdonations.sa%2F&trackId=81d4acb5-5a12-4522-9e15-4f79ddd2a227&ts=1700120691262&v=3.4.19-2311140809

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68

GET
H2 200 63957888c5a8c40105218fef Show response
donation-support.zendesk.com/embeddable/campaigns/ Frame D626 904 B
778 B 76ms
76ms Fetch
application/json 104.16.53.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://donation-support.zendesk.com/embeddable/campaigns/63957888c5a8c40105218fef
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-0345ad6.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbb3928757a16d75ffbe0335371c415d745b3003326b5d92526067ae5e5dde49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-5d8899879d-fqtg2
x-cached: MISS
x-request-id: 826e1c707a812c6a-FRA
x-runtime: 0.001912
last-modified: Sat, 11 Nov 2023 07:33:09 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZefzjHJhLfzOv2xlNc2FL1gZfPKoI%2F36XkuC2IgI5pKFb8TJXc5vxBKIPl8eSxZCrYAsEA2dQKUd5JWB%2BmZMOu49uyEvs0mjtvU2f6JdWviH4cb0zSKig49OJCj9Inm7g2%2FHa2CdyM7YVEjGj5Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: max-age=15, public, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 826e1c707a812c6a-FRA

GET
H/1.1 200
OK bsvy4cs3aro88vl74rvubj2l8qeq
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/ 334 KB
335 KB 790ms
240ms Image
image/png 134.70.100.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com/prod-donations-public-bucket/blobs/bsvy4cs3aro88vl74rvubj2l8qeq?response-content-disposition=inline%3B%20filename%3D%22home-bg.png%22%3B%20filename%2A%3DUTF-8%27%27home-bg.png&response-content-type=image%2Fpng&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=02d942b82132fed15df7a47ae9f090bf19fb0642%2F20231116%2Fme-jeddah-1%2Fs3%2Faws4_request&X-Amz-Date=20231116T074239Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host&X-Amz-Signature=4474b2abcc4181961ab7a98bc56d9d7e514f844b74ea4117600a3ed30f7084dc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.70.100.3 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 63351e7ebeb6ed0fcbc90371d501babcdf6b8e4f74b4ed29c6cc02efb19a7a8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donations.sa/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: 9d98a79d-1ab1-44bc-ae59-cff40585c433
date: Thu, 16 Nov 2023 07:44:52 GMT
content-md5: piMZKyH4Yblv/Xt/RlO6qg==
x-amz-request-id: jed-1:2BsFIOhXZHwGMKZnPD3GyPgl07wuA2EYCz3zn8iAxnEdPMIoN6mv_ydeS3ezwVP-
content-disposition: inline; filename="home-bg.png"; filename*=UTF-8''home-bg.png
Content-Length: 341789
last-modified: Sun, 05 Mar 2023 08:29:50 GMT
opc-request-id: jed-1:2BsFIOhXZHwGMKZnPD3GyPgl07wuA2EYCz3zn8iAxnEdPMIoN6mv_ydeS3ezwVP-
x-api-id: s3-compatible
etag: "a623192b21f861b96ffd7b7f4653baaa"
access-control-allow-methods: POST,PUT,GET,HEAD,DELETE,OPTIONS
Content-Type: image/png
access-control-allow-origin: *
access-control-expose-headers: accept-ranges,access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,content-disposition,content-length,content-md5,content-type,date,etag,last-modified,opc-client-info,opc-request-id,x-amz-request-id,x-amz-version-id,x-api-id
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 random_projects Show response
api.donations.sa/ 2 KB
3 KB 111ms
110ms XHR
application/json 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://api.donations.sa/random_projects

Requested by

Host: donations.sa
URL: https://donations.sa/js/chunk-c69c665a.dd9a79fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

1d87adffcd5ad05f478669ccd2fd7b57fcad8b75acd90ebc1bd6ad6a78e528f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-request-id: ee49a6f3-83ec-41a6-b613-c10f94c1b779
Content-Language: ar

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: fbba2a2b-103a-4e9c-ac43-898bd544d011
x-runtime: 0.744427
referrer-policy: strict-origin-when-cross-origin
etag: W/"1d87adffcd5ad05f478669ccd2fd7b57"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
vary: Origin
content-type: application/json; charset=utf-8
x-proxy-cache: STALE

OPTIONS
H2 200 random_projects
api.donations.sa/ Frame 0
0 114ms
114ms Preflight 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://api.donations.sa/random_projects
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-request-id
Access-Control-Request-Method: GET
Origin: https://donations.sa
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: x-request-id
access-control-allow-methods: GET, PATCH, PUT, DELETE, POST, OPTIONS, SHOW
access-control-allow-origin: https://donations.sa
access-control-expose-headers: authorization, x-request-id
access-control-max-age: 7200

POST
H3 200 p
tr.snapchat.com/ 0
15 B 34ms
34ms Ping
text/plain 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://donations.sa/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Nov 2023 07:44:51 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
access-control-allow-origin: https://donations.sa
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 frutigerltarabic75black.0e9973ce.woff2
donations.sa/fonts/ 44 KB
45 KB 111ms
111ms Font
font/woff2 207.127.96.77
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://donations.sa/fonts/frutigerltarabic75black.0e9973ce.woff2
Requested by: Host: donations.sa
URL: https://donations.sa/css/chunk-c69c665a.db27815b.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.127.96.77 Eastern Province, Saudi Arabia, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 0d90069b88706826498a27b1ca465f4079e6a7e686ced494c82b8999010a5e2e

Request headers

Referer: https://donations.sa/css/chunk-c69c665a.db27815b.css
Origin: https://donations.sa
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding: gzip
last-modified: Tue, 17 Oct 2023 13:13:40 GMT
etag: W/"652e8884-b18c"
content-type: font/woff2

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 16:16:47	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.donations.sa/	1970-01-21 01:00:56	Name: _hjSessionUser_3277062 Value: eyJpZCI6IjU2MjE3ODYzLTk0YTctNTkwOC1iZjFiLTIyMTVmNGJhMGYwNyIsImNyZWF0ZWQiOjE3MDAxMjA2OTA3NzIsImV4aXN0aW5nIjpmYWxzZX0=
.donations.sa/	1970-01-20 16:15:22	Name: _hjFirstSeen Value: 1
.donations.sa/	1970-01-20 16:15:22	Name: _hjIncludedInSessionSample_3277062 Value: 0
.donations.sa/	1970-01-20 16:15:22	Name: _hjSession_3277062 Value: eyJpZCI6IjZlMTQ5YTVlLTJlYjktNDY3Ny05M2VhLTFlNzRlODhjYzA1NSIsImNyZWF0ZWQiOjE3MDAxMjA2OTA3NzQsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0=
.donations.sa/	1970-01-20 16:15:22	Name: _hjAbsoluteSessionInProgress Value: 0
.donations.sa/	1970-01-20 18:24:56	Name: _gcl_au Value: 1.1.577876579.1700120691
.donations.sa/	1970-01-21 01:51:20	Name: _ga_ZDFST2V94E Value: GS1.1.1700120690.1.0.1700120690.60.0.0
.donations.sa/	1970-01-20 16:16:47	Name: _gid Value: GA1.2.609099451.1700120691
.donations.sa/	1970-01-20 16:15:20	Name: _gat_gtag_UA_166822255_1 Value: 1
.donations.sa/	1970-01-20 16:15:20	Name: _dc_gtm_UA-166822255-1 Value: 1
.donations.sa/	1970-01-21 01:45:07	Name: _scid Value: d938a488-b320-4b9a-ab45-3abe08c226f0
.donations.sa/	1970-01-21 01:45:07	Name: _scid_r Value: d938a488-b320-4b9a-ab45-3abe08c226f0
.donations.sa/	1970-01-21 01:51:20	Name: _ga Value: GA1.1.1746609932.1700120691
.donations.sa/	1970-01-21 01:51:20	Name: _ga_MVKZZ4JFZZ Value: GS1.1.1700120691.1.1.1700120691.0.0.0
.doubleclick.net/	1970-01-20 16:15:21	Name: test_cookie Value: CheckForPermission
.t.co/	1970-01-21 01:51:20	Name: muc_ads Value: ebaa2a45-d3ec-440b-a9fa-282729ae11a6
.donations.sa/	1970-01-20 18:24:56	Name: _fbp Value: fb.1.1700120691174.534380569
.twitter.com/	1970-01-21 01:51:20	Name: guest_id_marketing Value: v1%3A170012069107651678
.twitter.com/	1970-01-21 01:51:20	Name: guest_id_ads Value: v1%3A170012069107651678
.twitter.com/	1970-01-21 01:51:20	Name: personalization_id Value: "v1_r6onx/IHnF94xNFl6vTq6g=="
.twitter.com/	1970-01-21 01:51:20	Name: guest_id Value: v1%3A170012069107651678
.snapchat.com/	1970-01-21 01:36:56	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgRUAIAQFwIm895XCOBWmMHx35bxswGiGHJIZRZ6phFvnie5Qe92sAA9s58YHmn08KDIAAAA=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.donations.sa
axyoc73bayij.compat.objectstorage.me-jeddah-1.oraclecloud.com
connect.facebook.net
donation-support.zendesk.com
donations.sa
ekr.zdassets.com
fonts.googleapis.com
googleads.g.doubleclick.net
region1.analytics.google.com
region1.google-analytics.com
sc-static.net
script.hotjar.com
static.ads-twitter.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.16.53.111
104.18.70.113
104.18.72.113
104.244.42.5
104.244.42.67
134.70.100.3
143.204.207.250
146.75.116.157
172.217.16.194
18.65.39.84
18.66.97.10
2001:4860:4802:34::36
207.127.96.77
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2004
2a00:1450:400c:c0a::9c
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.190.43.134
02a747960fe7c155e79dbfcc060e2f854c55cb44215e271aa420a226d7f7dad1
0349bc9b3c076b695b88acbf7ef9f770cc1975608d83c51fde327c5e9df3e391
042834661753d2023db72f41309957d34f1ef93165e44433dcdfa89d5260900d
043e371d4a512c450a215b9668a8b652e8149ff23eec2195decffb1ee134742e
099aecc6e6609eb595e1d4649edd152e2fd58109afda4a612ecd9eba978d4a83
0d90069b88706826498a27b1ca465f4079e6a7e686ced494c82b8999010a5e2e
104d4a361d63560abe63cfc7f47886ed6e235e9e8e3142b319e019ac7116d20e
1339d97cacf1c9e291a7b552e853a97abd2b294cdec06935e6f6ec0bbf4a0728
177de03a7004f06f1812bc74d3d0a09f99707babd3bca119cd202326e6a46d68
1d87adffcd5ad05f478669ccd2fd7b57fcad8b75acd90ebc1bd6ad6a78e528f1
1dc0b98a2d9f8873cd8bba1376b763a6f15b0f90993e0b7e00d35eba9b08e5e1
26130d7c7b1b95a71729073b8afc240c3dec31aaa67ff2d4e7eb065bfb9db3a8
27628ae091cf34bb40b82a3061c7c112add19712286286846333e46713dea6e5
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c3391b3367fab5d69bc80c43ae6659dac469373c823a7f709147d48fad19bcf
2cc4c71fe62365f5fbf70fa62eebc1d3f455aa59ec1d47950872a89d0ea34d31
30fa8a0749dc0bb92c4288b4943ef149f7d78cd2bf12e2f8d85dd8b8e9a9934a
34d58ee8dc6831f1cee0503cd43e30f6edad8ecb1317ffd9b9a9cf3f938846a8
3603c1b70bbb5f69696353195f595597b370aa748de49c89d3f9e0849417b0e5
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
47f2a76ad3b65df0396aeda0f0598804e347e4d82fb686f840c0a7fa96d62d50
4abd45b86f270fe8beb279404d29f55da0395203a0234ab148f60198e19d0188
506bf502727bf7f6d04e2d89644915ca02e9be653639c9a8a99f650484e7c816
58a2880c1f9d4399006fdbee325276c88556285cf36acd8f8dc8042167a50a62
5d0142e7dd8eee7b1776ce44b79a5aa7b292d3a509bae832fb438afb2534bbc7
5f88e83abd49a4b489750efbdf94cdac5a4d5f10eacd1142c755393eae43e3bf
60b2fee8a57707f84798175c80d8087f0b303c918139b09873dd7a5c5ad2da81
63351e7ebeb6ed0fcbc90371d501babcdf6b8e4f74b4ed29c6cc02efb19a7a8e
6a58e48f4d19343df1d2a23fd1cac27a4b8b8c151b2f6919d00fdd90b4e411de
74081f7f1484afd31b61d46b9d8b1539f2213cd695aa1788a0770925f0422dd2
7741efc17a8c3ca83bc702a8c2b351238cb2222fa29562ea501838410910df02
7b68c3d10b17af73b10cfb49b0c23c9cb337eed958bd321094112d23487c72f6
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8838edf59d534383bbed1cbfe3b65e01300ffa70171a5219094724d8963409ea
8bb856cc738122148d0412a90b1d28e53f43e44ad8ec760ca9ccace426835296
8c9aa9a6f60be7eb2abf8bf2bdbf9f991709ef5b41a2a1ddc9c2a0e7c1e015b5
8d916586dfc524ef2bd907065a2f066dbe4994b52d2bff4533878f0095a2c593
8f7d4727e18664a1630b0ed763eb2d3b18bb742cd30949f19f23c154717c068e
8f8fc9e1f5b20472667ccb155c644ae96aaa8c13beed97e505c91a27d4c3d63e
8fd6cdac1799a538b560e029e901964bbacaad92f4bda2119e77e909f58a55ad
900280cf188bec620bda3b04a4c276e5a2ee8cefd50291bf94ccdf9ef5e8b14f
9311074c8ac69efb461ef9c3f6fadc79e9bba0695eb1b302831ec3f6c3f3693b
932231731d506ee6cc7a5283f51c4f6eb3f8437316aa3f3764becc4469fa42e6
97d6fadc215c74f7c0742b9653d5c7743c09a71278f9614dc0d774a3b72f7bef
9e594d5fb0bd95526d84ca4b89ee49fff34b81bc1ada06225ae62017a4f0bee5
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a49796fe9c240a197e32db4d7388e3a7d3f7290c2b25dece3a012de38a21f984
a8aa11e026ead5762ba13b3dbee9a5db8a9352af9a8c9a012a0da2f6ccd23b08
abee12d834176dc817dc996208f6043e8637b83ad3918f1aef4fd5f73948c8b0
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b05d16b0570a045e6585fecc0fca5c711f3c14692f834924a0a92a4c0bacbd64
bbb3928757a16d75ffbe0335371c415d745b3003326b5d92526067ae5e5dde49
bcd9254a611ee3df78109c6c1d854fe3bcd984183068533b3e00d02eb71816f2
c18fd562faf32efe55ed11271344d774fdf718ad764a35e5c44506564edb480a
c48be9f67c3ac7830457f2ccea07d32e1a8ec21f428c542b1113e788db15e458
c7cb8909e7bd8908268de5793534d73028ccceed62364ef9d1b04bf1e40e41ad
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d25815000c4a91a04519b7a003a9860ab3740e47e9cb9644eb45448c6e2d10e9
d8e3f695777148a697d183754990ce9ac6fb387d3ce57062fca438728582b0f2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e02eff201fcbf7bba1565cd5f96a5fce8e005a25906066c3f7daafcba5236304
e20b4113f490c79fe88206fd2556c651f8c5529bef438d566d3319c53a88eab8
e3959acf5ea96e6364a9afa9b2c692ba2357de504cbb86d53abfebbc9967da81
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e949ebecc4d2cee3c50ef15adce743f6aadf32c2a9a3ff8bd1dbb964420e97
e4cbc4de4e652eef113e1aeaba0d07f1cd5b1614ccc2a417bfa4ee90b8bf7d41
e8c80820aa6a0a3bffab4bd83ca5c883d7bdfde75e99bc715ff5fa2aed648377
ebba02658e65406a3e2c22578966a4db79f3cdf269c34a47998b588b0540026d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef93413d0da3a26d74a45494349de1ceb7a95b8b3af5f264b2cb8cdbbfca598b
f5936ea748776aa9d35f5e748d18c78366ef81a770699ca8765457ba8717fd92
f5cd7b64a89f67a152eb71279dbc465aa5c0204e67ff65d9cfa86c0f4ccac850

donations.sa Open in urlscan Pro 207.127.96.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

95 Requests

99 %HTTPS

43 %IPv6

19 Domains

25 Subdomains

22 IPs

5 Countries

1771 kBTransfer

4253 kBSize

23 Cookies

5 Outgoing links

Page URL History

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

donations.sa Open in urlscan Pro
207.127.96.77 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

99 %
HTTPS

43 %
IPv6

19
Domains

25
Subdomains

22
IPs

5
Countries

1771 kB
Transfer

4253 kB
Size

23
Cookies

95 HTTP transactions
0 data transactions