urlscan.io logo urlscan.io
SecurityTrails logo

zbieramyrazem.org Open in urlscan Pro
212.91.26.112  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://fundacjadzieciom.org/index.php?option=com_acym&ctrl=fronturl&task=click&urlid=216&userid=3216728&mailid=109
Effective URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_...
Submission: On March 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 27 HTTP transactions. The main IP is 212.91.26.112, located in Elblag, Poland and belongs to ATMAN-ISP-AS ATM S.A., PL. The main domain is zbieramyrazem.org.
TLS certificate: Issued by R3 on March 19th 2022. Valid for: 3 months.
This is the only time zbieramyrazem.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 89.161.184.12 12824 (HOMEPL-AS)
22 212.91.26.112 15694 (ATMAN-ISP...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 5
1    89.161.184.12 (Poland)

ASN12824 (HOMEPL-AS, PL)
PTR: cloudserver034556.home.pl
fundacjadzieciom.org
22    212.91.26.112 (Elblag, Poland)

ASN15694 (ATMAN-ISP-AS ATM S.A., PL)
PTR: web46.mydevil.net
zbieramyrazem.org
fundacja.flexisoft2.usermd.net
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c03::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Apex Domain
Subdomains		 Transfer
21 zbieramyrazem.org
zbieramyrazem.org
404 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6433
501 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
444 B
1 usermd.net
fundacja.flexisoft2.usermd.net
38 KB
1 fundacjadzieciom.org
fundacjadzieciom.org
538 B
27 7
Domain Requested by
21 zbieramyrazem.org zbieramyrazem.org
2 www.google-analytics.com zbieramyrazem.org
www.google-analytics.com
1 www.google.de
1 www.google.com
1 stats.g.doubleclick.net www.google-analytics.com
1 fundacja.flexisoft2.usermd.net zbieramyrazem.org
1 fundacjadzieciom.org 1 redirects
27 7

This site contains links to these domains. Also see Links.

Domain
pit.zbieramyrazem.org
www.facebook.com
pl-pl.facebook.com
twitter.com
pl.linkedin.com
Subject Issuer Validity Valid
zbieramyrazem.org
R3		 2022-03-19 -
2022-06-17		 3 months crt.sh
fundacja.flexisoft2.usermd.net
R3		 2022-02-28 -
2022-05-29		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Frame ID: 9C7AC174969B2C0E3B10A03ABCE3C685
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uciekła od wojny, a teraz choroba niszczy jej dzieciństwo- Fundacja Zbieramy Razem

Page URL History Show full URLs

  1. https://fundacjadzieciom.org/index.php?option=com_acym&ctrl=fronturl&task=click&urlid=216&userid=3216728&... HTTP 303
    https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_sourc... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

27
Requests

100 %
HTTPS

67 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

464 kB
Transfer

1067 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://fundacjadzieciom.org/index.php?option=com_acym&ctrl=fronturl&task=click&urlid=216&userid=3216728&mailid=109 HTTP 303
    https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie
zbieramyrazem.org/zbiorki/
Redirect Chain
  • https://fundacjadzieciom.org/index.php?option=com_acym&ctrl=fronturl&task=click&urlid=216&userid=3216728&mailid=109
  • https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dzie...
87 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express Phusion Passenger
Resource Hash
69c0e04ea63ad662b2b401a59a2f78708dfc817af3ade0d3a908e776fe9f9b28

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Sun, 27 Mar 2022 21:31:42 GMT
content-type
text/html; charset=utf-8
status
200 OK
vary
Accept-Encoding
content-encoding
gzip
x-powered-by
Express Phusion Passenger
etag
"15b9e-Dkd8bVl1ytx6z1uiXfdrw3BsEn4"

Redirect headers

date
Sun, 27 Mar 2022 21:31:44 GMT
content-type
text/html
content-length
760
location
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
cache-control
public, max-age=900, stale-while-revalidate=1800, stale-if-error=4500
expires
Sun, 27 Mar 2022 21:46:44 GMT
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma
public
server
IdeaWebServer/5.0.0
status
303
x-content-powered-by
K2 v2.10.3 (by JoomlaWorks)
x-logged-in
False
alt-svc
h3-29=":443"
2798166.js
zbieramyrazem.org/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/2798166.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
9a5084102de924552c83a73d02f8ffe07ddace143a84b0bb18795cd45c518eb8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"a92-17fac3db2ec"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
45f280a.js
zbieramyrazem.org/_nuxt/ 		220 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/45f280a.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
bdaf9683f34d5ebe217d95d8df15df0ca8b94d0a45a288a27823887aa319a41f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Thu, 27 Jan 2022 19:55:19 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"36fe9-17e9d1b4fd6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
6f41248.js
zbieramyrazem.org/_nuxt/ 		157 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/6f41248.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
fca05999f28f712f82cb8cabaa58422dcfae8e58ca06a3b632e0c8f26f9764d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"2727a-17fac3db2ec"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
da9e77b.js
zbieramyrazem.org/_nuxt/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/da9e77b.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
f2d635878cd616cf336eb2a0df4f9b402f9f018b52106505305db1feac37cb3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"160e1-17fac3db2e1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
5b109ad.js
zbieramyrazem.org/_nuxt/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/5b109ad.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
7e76a83836c63738f1082bbf964623f74eb289a97c7f039d56425992e36db92b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"4be2-17fac3db2eb"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
logo.2ae0b5f.svg
zbieramyrazem.org/_nuxt/img/ 		25 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbieramyrazem.org/_nuxt/img/logo.2ae0b5f.svg
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
fbf5c5701e07988f00fafe49c0c750c7959b9821176fe48e355b8f875f356d63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 16:26:55 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"6460-17e68dce8c9"
vary
Accept-Encoding
content-type
image/svg+xml
status
200 OK
cache-control
public, max-age=31536000
QgSClcZYqXg_Original.2e16d0ba.fill-800x450.jpg
fundacja.flexisoft2.usermd.net/media/images/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundacja.flexisoft2.usermd.net/media/images/QgSClcZYqXg_Original.2e16d0ba.fill-800x450.jpg
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx /
Resource Hash
8b5c16b748a62e7f6790004bb8599d5d556e68f7d3b31b3cda58c325b0ca635b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
last-modified
Fri, 11 Mar 2022 07:03:09 GMT
server
nginx
accept-ranges
bytes
etag
"622af42d-9676"
content-length
38518
content-type
image/jpeg
payu.200a908.png
zbieramyrazem.org/_nuxt/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbieramyrazem.org/_nuxt/img/payu.200a908.png
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
940f48b941ca2c07b3064e6f95f942d8c078ae429b7f55e65c4244c93830b172

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
last-modified
Mon, 17 Jan 2022 16:26:55 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"74a-17e68dce8e0"
content-type
image/png
status
200 OK
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1866
paypal-logo.2de1e57.png
zbieramyrazem.org/_nuxt/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbieramyrazem.org/_nuxt/img/paypal-logo.2de1e57.png
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
4ee570121ac0d8f9cc60e1f5d2063a1d85c7141f937936b2753fce07c8337fd9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"8d6-17fac3db2e3"
content-type
image/png
status
200 OK
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2262
logo-white.8e9378a.svg
zbieramyrazem.org/_nuxt/img/ 		43 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbieramyrazem.org/_nuxt/img/logo-white.8e9378a.svg
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
94e6f4b836439fd8f82f208bd0504593ca03f9906a6a7a1ba26a7c5a197af9e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 16:26:55 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"acc4-17e68dce8cd"
vary
Accept-Encoding
content-type
image/svg+xml
status
200 OK
cache-control
public, max-age=31536000
fb.bb30432.svg
zbieramyrazem.org/_nuxt/img/ 		1 KB
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbieramyrazem.org/_nuxt/img/fb.bb30432.svg
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
e873d5a37f5385a7906703b72630b8b9d82e760f94330485d86dc8c1c7bcc00c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 16:26:55 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"48f-17e68dce8cd"
vary
Accept-Encoding
content-type
image/svg+xml
status
200 OK
cache-control
public, max-age=31536000
twitter.5bbb91d.svg
zbieramyrazem.org/_nuxt/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbieramyrazem.org/_nuxt/img/twitter.5bbb91d.svg
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
ad97186c9db7b0dd735ae0198bdc1e0f266d08f902a57592d5b2d2c1a7dc8096

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 16:26:55 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"86f-17e68dce8cd"
vary
Accept-Encoding
content-type
image/svg+xml
status
200 OK
cache-control
public, max-age=31536000
linkedin.a6159ea.svg
zbieramyrazem.org/_nuxt/img/ 		2 KB
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbieramyrazem.org/_nuxt/img/linkedin.a6159ea.svg
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
08b0b112b5aa66fdcbeb369a3d9014c9caa864110c2cd59ace2f53b4edd2e6bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 16:26:55 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"746-17e68dce8cd"
vary
Accept-Encoding
content-type
image/svg+xml
status
200 OK
cache-control
public, max-age=31536000
proo.36ad4e3.png
zbieramyrazem.org/_nuxt/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbieramyrazem.org/_nuxt/img/proo.36ad4e3.png
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
ee8d26670f5f7ba3dec5788e507b5e42a53c178408a985c46f150bc8acce7c30

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
last-modified
Thu, 27 Jan 2022 19:55:19 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"1366-17e9d1b4fcf"
content-type
image/png
status
200 OK
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4966
niw.2ab7377.png
zbieramyrazem.org/_nuxt/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zbieramyrazem.org/_nuxt/img/niw.2ab7377.png
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
6531d6221578cd269b3cb4fb8ecd9d18ac2e828188d32b52284dfe1ece774528

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
last-modified
Thu, 27 Jan 2022 19:55:19 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"1021-17e9d1b4fcf"
content-type
image/png
status
200 OK
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
4129
material-icons-outlined.aa80805.woff2
zbieramyrazem.org/_nuxt/fonts/ 		143 KB
143 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/fonts/material-icons-outlined.aa80805.woff2
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
32738b648d59e35c15da826e765b97b3a6fb06f90536d94477a72ac6d6516538

Request headers

Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
Origin
https://zbieramyrazem.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
last-modified
Mon, 17 Jan 2022 16:26:55 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"23a04-17e68dce8cd"
content-type
font/woff2
status
200 OK
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
145924
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/_nuxt/6f41248.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5219
date
Sun, 27 Mar 2022 20:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 27 Mar 2022 22:04:46 GMT
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1275117008&t=pageview&_s=1&dl=https%3A%2F%2Fzbieramyrazem.org%2Fzbiorki%2Fwojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie%3Futm_source%3Dnewsletter_38%26utm_medium%3Demail%26utm_campaign%3Duciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo&dp=%2Fzbiorki%2Fwojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie%3Futm_source%3Dnewsletter_38%26utm_medium%3Demail%26utm_campaign%3Duciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo&ul=en-us&de=UTF-8&dt=Uciek%C5%82a%20od%20wojny%2C%20a%20teraz%20choroba%20niszczy%20jej%20dzieci%C5%84stwo-%20Fundacja%20Zbieramy%20Razem&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=1744690766&gjid=599437072&cid=672973531.1648416705&tid=UA-54809962-1&_gid=205260242.1648416705&_r=1&_slc=1&z=1704394264
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://zbieramyrazem.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 21:31:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zbieramyrazem.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
13762e5.js
zbieramyrazem.org/_nuxt/ 		101 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/13762e5.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/_nuxt/2798166.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
d21928c2e5e0272adfae4ff41e82dc6fc03f2f34ff41b4ca2c830c329e2ee6cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"193fd-17fac3db2e1"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
1d295c5.js
zbieramyrazem.org/_nuxt/ 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/1d295c5.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/_nuxt/2798166.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
df26d027f86c6b66eb03a7d0480edbcf141794801b87abe06f77fc99e40823ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"7c8c-17fac3db2e8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
6796cef.js
zbieramyrazem.org/_nuxt/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/6796cef.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/_nuxt/2798166.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
dd148cf55784df85ebdace3d82eaee982917d9bca4ef6b22b3d5efa910cd16ae

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"350e-17fac3db2ec"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
c093ed7.js
zbieramyrazem.org/_nuxt/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/c093ed7.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/_nuxt/2798166.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
8299440f3402d141e776922388d79447d94fb1cd61e44c48039ffe9e6beb91f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"3081-17fac3db2e6"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
9c1e0b5.js
zbieramyrazem.org/_nuxt/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zbieramyrazem.org/_nuxt/9c1e0b5.js
Requested by
Host: zbieramyrazem.org
URL: https://zbieramyrazem.org/_nuxt/2798166.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.91.26.112 Elblag, Poland, ASN15694 (ATMAN-ISP-AS ATM S.A., PL),
Reverse DNS
web46.mydevil.net
Software
nginx / Express, Phusion Passenger
Resource Hash
505ab291129b35621dcdf7692feb524c5d0f4c127c13b721a2497aed5f269c94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/zbiorki/wojna-zniszczyla-jej-dziecinstwo-nie-pozwolmy-tez-chorobie?utm_source=newsletter_38&utm_medium=email&utm_campaign=uciekla-od-wojny-a-teraz-choroba-niszczy-jej-dziecinstwo
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 21:31:42 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 11:29:59 GMT
server
nginx
x-powered-by
Express, Phusion Passenger
etag
W/"535b-17fac3db2ec"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200 OK
cache-control
public, max-age=31536000
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-54809962-1&cid=672973531.1648416705&jid=1744690766&gjid=599437072&_gid=205260242.1648416705&_u=aEBAAEAAEAAAAC~&z=376739492
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c03::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://zbieramyrazem.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 27 Mar 2022 21:31:45 GMT
content-type
text/plain
access-control-allow-origin
https://zbieramyrazem.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54809962-1&cid=672973531.1648416705&jid=1744690766&_u=aEBAAEAAEAAAAC~&z=1681848483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 21:31:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-54809962-1&cid=672973531.1648416705&jid=1744690766&_u=aEBAAEAAEAAAAC~&z=1681848483
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://zbieramyrazem.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Mar 2022 21:31:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| __NUXT__ object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady function| Hammer object| $nuxt object| google_tag_data function| ga object| gaplugins boolean| ga-disable-UA-54809962-1 object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
fundacjadzieciom.org/ Name: e8b7dd9b486fa5100d5111135b2ebf74
Value: 674b973835b4e2792636036a74f42b36
.zbieramyrazem.org/ Name: _ga
Value: GA1.2.672973531.1648416705
.zbieramyrazem.org/ Name: _gid
Value: GA1.2.205260242.1648416705
.zbieramyrazem.org/ Name: _gat
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundacja.flexisoft2.usermd.net
fundacjadzieciom.org
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
zbieramyrazem.org
212.91.26.112
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2004
2a00:1450:4001:829::2003
2a00:1450:400c:c03::9a
89.161.184.12
08b0b112b5aa66fdcbeb369a3d9014c9caa864110c2cd59ace2f53b4edd2e6bc
32738b648d59e35c15da826e765b97b3a6fb06f90536d94477a72ac6d6516538
4ee570121ac0d8f9cc60e1f5d2063a1d85c7141f937936b2753fce07c8337fd9
505ab291129b35621dcdf7692feb524c5d0f4c127c13b721a2497aed5f269c94
6531d6221578cd269b3cb4fb8ecd9d18ac2e828188d32b52284dfe1ece774528
69c0e04ea63ad662b2b401a59a2f78708dfc817af3ade0d3a908e776fe9f9b28
7e76a83836c63738f1082bbf964623f74eb289a97c7f039d56425992e36db92b
8299440f3402d141e776922388d79447d94fb1cd61e44c48039ffe9e6beb91f7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b5c16b748a62e7f6790004bb8599d5d556e68f7d3b31b3cda58c325b0ca635b
940f48b941ca2c07b3064e6f95f942d8c078ae429b7f55e65c4244c93830b172
94e6f4b836439fd8f82f208bd0504593ca03f9906a6a7a1ba26a7c5a197af9e1
9a5084102de924552c83a73d02f8ffe07ddace143a84b0bb18795cd45c518eb8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ad97186c9db7b0dd735ae0198bdc1e0f266d08f902a57592d5b2d2c1a7dc8096
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bdaf9683f34d5ebe217d95d8df15df0ca8b94d0a45a288a27823887aa319a41f
d21928c2e5e0272adfae4ff41e82dc6fc03f2f34ff41b4ca2c830c329e2ee6cb
dd148cf55784df85ebdace3d82eaee982917d9bca4ef6b22b3d5efa910cd16ae
df26d027f86c6b66eb03a7d0480edbcf141794801b87abe06f77fc99e40823ba
e873d5a37f5385a7906703b72630b8b9d82e760f94330485d86dc8c1c7bcc00c
ee8d26670f5f7ba3dec5788e507b5e42a53c178408a985c46f150bc8acce7c30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d635878cd616cf336eb2a0df4f9b402f9f018b52106505305db1feac37cb3d
fbf5c5701e07988f00fafe49c0c750c7959b9821176fe48e355b8f875f356d63
fca05999f28f712f82cb8cabaa58422dcfae8e58ca06a3b632e0c8f26f9764d7