marketing.0nline4u.pl Open in urlscan Pro
146.59.12.77  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set unsub Show response marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/	4 KB 2 KB	24659ms 24560ms	Document text/html	146.59.12.77 OVH
General Check archive.org Show headers Download Go to Full URL https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 146.59.12.77 , France, ASN16276 (OVH, FR), Reverse DNS mx.0nline4u.pl Software gunicorn / Resource Hash 5e99a5d84c74e101a221eae31cede68d5de965ea12fac72820271d415dfabf35 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Host marketing.0nline4u.pl Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 30 Jul 2021 12:00:34 GMT Server gunicorn Content-Type text/html; charset=utf-8 X-Frame-Options DENY Vary Cookie,Origin,Accept-Encoding X-Content-Type-Options nosniff Referrer-Policy same-origin Content-Encoding gzip Content-Length 1716 Set-Cookie csrftoken=Zo3iSB5ZFc3MTadEvijl49VGG2Um7nbGcxdzrICzOTjcnmD9QSAK93GHEIEni5wc; expires=Fri, 29 Jul 2022 12:00:34 GMT; Max-Age=31449600; Path=/; SameSite=Lax Keep-Alive timeout=5, max=100 Connection Keep-Alive
GET H2	200	bootstrap.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/	60 KB 16 KB	8ms 6ms	Script application/javascript	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/bootstrap.min.js Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 1bbdb19132cece5103c0a2919e09320edc6687ab3879fc3bb1d28f0f0fa5d45f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://marketing.0nline4u.pl Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 120949 x-jsd-version 5.0.0-beta3 x-cache HIT cross-origin-resource-policy cross-origin content-length 15910 etag W/"f1c5-lhuikqyMaMc4OVbHy82SnK9kvSQ" x-served-by cache-fra19120-FRA x-jsd-version-type version date Fri, 30 Jul 2021 12:00:34 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/	151 KB 22 KB	7ms 5ms	Stylesheet text/css	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://marketing.0nline4u.pl Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 3025951 x-cache HIT cross-origin-resource-policy cross-origin content-length 22890 etag W/"25cfb-UcVSpq1X1XvRNJScPVMSiB9RqJM" x-served-by cache-fra19120-FRA date Fri, 30 Jul 2021 12:00:34 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/	79 KB 22 KB	13ms 10ms	Script application/javascript	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/bootstrap.bundle.min.js Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 05304a8f26373142efa126a87977201cbc22d408c573f151ee2907933e9099f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://marketing.0nline4u.pl Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 3021552 x-cache HIT cross-origin-resource-policy cross-origin content-length 22361 etag W/"13a2b-LayF+MVECCdqC/PP+pHf1O96P1E" x-served-by cache-fra19120-FRA date Fri, 30 Jul 2021 12:00:34 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	chart.min.js Show response cdn.jsdelivr.net/npm/chart.js@3.0.2/dist/	173 KB 60 KB	13ms 11ms	Script application/javascript	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/chart.js@3.0.2/dist/chart.min.js Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash f42283b81348428fdd420acaf67c8af97703d8c0636f42609cf30036b430e82b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://marketing.0nline4u.pl Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 43132 x-jsd-version 3.0.2 x-cache HIT cross-origin-resource-policy cross-origin content-length 61081 etag W/"2b2d5-F5y5Q+WnVMwINzLo6x6xhymlW2k" x-served-by cache-fra19120-FRA x-jsd-version-type version date Fri, 30 Jul 2021 12:00:34 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	feather.min.js Show response cdn.jsdelivr.net/npm/feather-icons@4.28.0/dist/	74 KB 21 KB	9ms 7ms	Script application/javascript	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/feather-icons@4.28.0/dist/feather.min.js Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://marketing.0nline4u.pl Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 117792 x-jsd-version 4.28.0 x-cache HIT cross-origin-resource-policy cross-origin content-length 20683 etag W/"12803-VGvmKj49iNws8jK+EoeSCbRlrvE" x-served-by cache-fra19120-FRA x-jsd-version-type version date Fri, 30 Jul 2021 12:00:34 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	jquery-3.6.0.js Show response code.jquery.com/	282 KB 83 KB	25ms 8ms	Script application/javascript	2001:4de0:ac18::1:a:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.js Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239 Request headers Origin https://marketing.0nline4u.pl Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 30 Jul 2021 12:00:34 GMT content-encoding gzip last-modified Tue, 02 Mar 2021 17:27:20 GMT server nginx etag W/"603e7578-46744" vary Accept-Encoding x-hw 1627646434.dop213.fr8.t,1627646434.cds280.fr8.hc,1627646434.cds148.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 84714
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/	18 KB 7 KB	8ms 6ms	Script application/javascript	2a04:4e42:3::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@popperjs/core@2.9.1/dist/umd/popper.min.js Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash a8caa3ef54f21cd971f2ea91425a00f871d492a69a8814b5786bac39292d9cfd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Origin https://marketing.0nline4u.pl Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 718368 x-jsd-version 2.9.1 x-cache HIT cross-origin-resource-policy cross-origin content-length 6624 etag W/"4853-tjv/BFEf7IDrFeQXJXqHE+6I79Q" x-served-by cache-fra19120-FRA x-jsd-version-type version date Fri, 30 Jul 2021 12:00:34 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H3-29	200	icon fonts.googleapis.com/	568 B 365 B	17ms 15ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f295f3a15e6f626ecd83939aad05199ab904ae34a90f0982bdb554bc04cd9fc5 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 30 Jul 2021 12:00:34 GMT server ESF date Fri, 30 Jul 2021 12:00:34 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 30 Jul 2021 12:00:34 GMT
GET H/1.1	200 OK	materialize.css static.directoffer.pl/materialize/css/	178 KB 26 KB	201ms 58ms	Stylesheet text/css	51.83.223.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.directoffer.pl/materialize/css/materialize.css Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 51.83.223.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31258711.ip-51-83-223.eu Software Apache/2.4.46 (Ubuntu) / Resource Hash 493f9ad2470b9b935700ca9b0750ebd4c6d4bd889a123f2c8f97b7cfee03837c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 30 Jul 2021 12:00:35 GMT Content-Encoding gzip Last-Modified Mon, 24 May 2021 10:15:15 GMT Server Apache/2.4.46 (Ubuntu) ETag "2c800-5c310af8252c0-gzip" Vary Accept-Encoding Upgrade h2,h2c Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type text/css Keep-Alive timeout=5, max=100 Content-Length 26668
GET H/1.1	200 OK	materialize.js Show response static.directoffer.pl/materialize/js/	375 KB 74 KB	221ms 74ms	Script application/javascript	51.83.223.48 OVH
General Check archive.org Show headers Download Go to Full URL https://static.directoffer.pl/materialize/js/materialize.js Requested by Host: marketing.0nline4u.pl URL: https://marketing.0nline4u.pl/r/HvtcxMjCMmNOuBUQSiITxx1x5sVPORETwWUS7WncZDlQtXFd/unsub Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 51.83.223.48 , France, ASN16276 (OVH, FR), Reverse DNS ns31258711.ip-51-83-223.eu Software Apache/2.4.46 (Ubuntu) / Resource Hash 33396868243aae59a93e25b85f04757887617561a0c205b0e95a0f051cf4f84c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 30 Jul 2021 12:00:35 GMT Content-Encoding gzip Last-Modified Mon, 24 May 2021 10:15:15 GMT Server Apache/2.4.46 (Ubuntu) ETag "5ddb0-5c310af8252c0-gzip" Vary Accept-Encoding Upgrade h2,h2c Transfer-Encoding chunked Connection Upgrade, Keep-Alive Accept-Ranges bytes Content-Type application/javascript Keep-Alive timeout=5, max=100

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
marketing.0nline4u.pl
static.directoffer.pl
146.59.12.77
2001:4de0:ac18::1:a:1b
2a00:1450:4001:831::200a
2a04:4e42:3::485
51.83.223.48
05304a8f26373142efa126a87977201cbc22d408c573f151ee2907933e9099f7
0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2
1bbdb19132cece5103c0a2919e09320edc6687ab3879fc3bb1d28f0f0fa5d45f
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
33396868243aae59a93e25b85f04757887617561a0c205b0e95a0f051cf4f84c
493f9ad2470b9b935700ca9b0750ebd4c6d4bd889a123f2c8f97b7cfee03837c
5dfcdd882f92d647a26beb3d974ef2ef27b96bcef8b01abaef32b8bbb2d38ef9
5e99a5d84c74e101a221eae31cede68d5de965ea12fac72820271d415dfabf35
a8caa3ef54f21cd971f2ea91425a00f871d492a69a8814b5786bac39292d9cfd
f295f3a15e6f626ecd83939aad05199ab904ae34a90f0982bdb554bc04cd9fc5
f42283b81348428fdd420acaf67c8af97703d8c0636f42609cf30036b430e82b