kurierowo.link Open in urlscan Pro
2606:4700:3033::6815:3a43 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae
Submission: On August 02 via manual (August 2nd 2021, 7:22:42 am UTC) from PL

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3033::6815:3a43, located in United States and belongs to CLOUDFLARENET, US. The main domain is kurierowo.link.
TLS certificate: Issued by R3 on August 1st 2021. Valid for: 3 months.

This is the only time kurierowo.link was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayU (Financial)

Domain & IP information

	IP Address		AS Autonomous System
15	2606:4700:303... 2606:4700:3033::6815:3a43		13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	1

15 2606:4700:3033::6815:3a43 (United States)

ASN13335 (CLOUDFLARENET, US)

kurierowo.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	kurierowo.link kurierowo.link	649 KB
15	1

	Domain	Requested by
15	kurierowo.link	kurierowo.link
15	1

This site contains no links.

Subject Issuer	Validity	Valid
*.kurierowo.link R3	`2021-08-01` - `2021-10-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae
Frame ID: B8E516ADF864784E04D8CA2CDCAC39DF
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

649 kB
Transfer

740 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request G5Cvae Show response kurierowo.link/Ay09G29jOr5tRQv2H/	13 KB 4 KB	154ms 115ms	Document text/html	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `7a1048d0f60e9ffe32593d39bb3856b4868461b5c9becd0982e7ee96cb41b340` Request headers :method GET :authority kurierowo.link :scheme https :path /Ay09G29jOr5tRQv2H/G5Cvae pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 07:22:21 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/7.2.34 set-cookie PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c; path=/ 1e4f043cb84893e304979dfe3da075ab=2473189502; expires=Mon, 02-Aug-2021 08:25:02 GMT; Max-Age=3761 46925a87b89d52918d96b7d8d1b34148=3780039428; expires=Mon, 02-Aug-2021 08:18:37 GMT; Max-Age=3376 fff6c2513988044c89cc9518ff907028=2866673065; expires=Mon, 02-Aug-2021 08:22:06 GMT; Max-Age=3585 expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swPM%2BXblgIBEqrgLUDvaLOvEOWnzrBz%2Bqi%2BlxOJa2DTDjGTlZ39GUAbm7tOwJQAij4gRYRSw0ufQitdazO2aFWtjYECOQ7Y220hlzbTIqpUdinfxKqwe0CRvFtc4v8t56fcgbz%2BRJqHpnoRyHw%3D%3D"}],"group":"cf-nel","max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 67858df938e64e0e-FRA content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	c83db9c934598df9ef0f9b303089d2722.css kurierowo.link/Ay09G29jOr5tRQv2H/css/	38 KB 10 KB	120ms 109ms	Stylesheet text/css	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `27970e53d5478332b329e8292f519713b721def87872b5be486ac171bece92d7` Request headers :path /Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css pragma no-cache cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,/;q=0.1 cache-control no-cache sec-fetch-dest style :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae :scheme https sec-fetch-site same-origin :method GET Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 02 Aug 2021 07:22:21 GMT content-encoding br cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QHkb9WWKLjyLbWbxd3IeWocY%2BZYk7dH6ZyxwSIH09tsIQaUHiqYNPETVOtfL%2FP%2F6ZVCmzWsXbLKj3g1Om9Hb%2BJhRa7sVr4BrhJj7GUqp1%2F0rBPe2BZM9NF1FHVTwTuX8GE6fFvdnp44rwX1Spg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css;charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 67858dfa09f24e2b-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3-29	200	jquery.js Show response kurierowo.link/Ay09G29jOr5tRQv2H/	86 KB 32 KB	29ms 17ms	Script application/javascript	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/jquery.js Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a` Request headers :path /Ay09G29jOr5tRQv2H/jquery.js pragma no-cache cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept / cache-control no-cache sec-fetch-dest script :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae :scheme https sec-fetch-site same-origin :method GET Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 07:22:21 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 59986 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Fri, 06 Mar 2020 13:17:46 GMT server cloudflare etag W/"5e624d7a-15851" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwY2GLhVFtKScMnfgjWyx8yEYNd64B2sjPQ0HjRnRziQObiqDTWINiseELyhAoBcUziiEqkksBNWgO8rE2wKyZORARirCdDQga4aIWvrwG855PmSJQSbuwlhY9ZOh%2FVPcIcZa6C5%2B4vtAXJGhA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=315360000 cf-ray 67858dfa09f04e2b-FRA expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3-29	200	8945a63acd417b52661228bde5dcbc0f.jpg kurierowo.link/Ay09G29jOr5tRQv2H/css/	59 KB 60 KB	103ms 103ms	Image image/jpeg	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/css/8945a63acd417b52661228bde5dcbc0f.jpg Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `8ab3bdb66c72f8f3afb3aef7f00bd1224ba4ebf7d260e928d3d19a8b0af98944` Request headers :path /Ay09G29jOr5tRQv2H/css/8945a63acd417b52661228bde5dcbc0f.jpg pragma no-cache cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css :scheme https sec-fetch-site same-origin :method GET Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 02 Aug 2021 07:22:21 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt%2Bi5GU%2B7ZSnnV3b5IGugTXM%2B7xOx4K5ZZZl3WtKR1mEZ3ayPnUV%2Fyc%2FM%2FA8%2F1Xe0lfJrpnkLtQ0Ujlv9szIszjj4Q3e8Ky7GKgg87HSqheuj6GELR2kR0FSgHe4JEug01%2FTnpjbe962yOVR6A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control no-store, no-cache, must-revalidate cf-ray 67858dfacb434e2b-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3-29	200	e71c322f331dab4d1ba678acba3c6bc7.png kurierowo.link/Ay09G29jOr5tRQv2H/css/	5 KB 6 KB	104ms 103ms	Image image/png	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/css/e71c322f331dab4d1ba678acba3c6bc7.png Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `5e5d542d8fb2f44477ca62ccf2d1dd188a4e537f9657a54485349723f6cc0584` Request headers :path /Ay09G29jOr5tRQv2H/css/e71c322f331dab4d1ba678acba3c6bc7.png pragma no-cache cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css :scheme https sec-fetch-site same-origin :method GET Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 07:22:21 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.34 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 5442 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihHA4h7Dq6UwbZy%2FDC%2Fre50AKXT9CgMZgVTI%2Ff3KpCLhY0%2BttS3E4UQzfwVrcL%2Fri9Q2%2FmX6c001IjzymqWvFTwjTVebxKbYL28BzVcpuJRCVQ1OjUhs3Cj4pKrWe6bz4gCJY39uixUdEQ0gKg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate accept-ranges bytes cf-ray 67858dfacb454e2b-FRA expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3-29	200	19fa9557bca75ce27365b3551059bb33.png kurierowo.link/Ay09G29jOr5tRQv2H/css/	135 KB 135 KB	107ms 107ms	Image image/png	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/css/19fa9557bca75ce27365b3551059bb33.png Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `73e157409a3ad150c03f5d19879bcb45203faf1a9418bf72e20b20b63c428683` Request headers :path /Ay09G29jOr5tRQv2H/css/19fa9557bca75ce27365b3551059bb33.png pragma no-cache cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css :scheme https sec-fetch-site same-origin :method GET Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 02 Aug 2021 07:22:21 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8HsIvSGwB7vBPuKlI4P7R3UCWBfLPB9Hne%2BuJZvgevR65aiyhT93IPbkiTg%2FbyQi05KvGzXwsTjvim%2FYUx%2Bo%2B8LZ3iYfT%2FDQTs%2Fduv86AJB7jkT60sfw1STSeuVIuHnUsnBUVjliVddbGgI%2B9g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate cf-ray 67858dfacb484e2b-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3-29	200	f2f47f05d2dc3842e0f15310e716edf0.png kurierowo.link/Ay09G29jOr5tRQv2H/css/	1 KB 2 KB	107ms 107ms	Image image/png	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/css/f2f47f05d2dc3842e0f15310e716edf0.png Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `ff5cc2782f7bb5a7651ca70445b22930e0e5ab97e06fd703c8b6d1b522b5ec45` Request headers :path /Ay09G29jOr5tRQv2H/css/f2f47f05d2dc3842e0f15310e716edf0.png pragma no-cache cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/,/;q=0.8 cache-control* no-cache sec-fetch-dest image :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css :scheme https sec-fetch-site same-origin :method GET Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 07:22:21 GMT cf-cache-status BYPASS nel {"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.34 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1393 pragma no-cache server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BMHbyHhmjb6AfPVtUWivgacIGxDkIIptwfYHcHo9%2BMsidZdJ0SX06k3YoSxxPErmkJBAkPLMTp6vW7dNg3334LssrC8NbZuhHmEDgR5KmVeuXW55btPhUoDwnzhRAkdynflNXG4E6G9Mk%2BM7g%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control no-store, no-cache, must-revalidate accept-ranges bytes cf-ray 67858dfacb4a4e2b-FRA expires Thu, 19 Nov 1981 08:52:00 GMT
GET H3-29	200	opensans-regular-webfont.woff kurierowo.link/Ay09G29jOr5tRQv2H/css/fonts/	87 KB 88 KB	14ms 14ms	Font application/font-woff	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/css/fonts/opensans-regular-webfont.woff Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1` Request headers sec-fetch-mode cors origin https://kurierowo.link accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c :path /Ay09G29jOr5tRQv2H/css/fonts/opensans-regular-webfont.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept / cache-control no-cache :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css :scheme https sec-fetch-site same-origin :method GET Origin https://kurierowo.link Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 07:22:21 GMT content-encoding br cf-cache-status HIT last-modified Sun, 21 Oct 2018 18:37:28 GMT server cloudflare age 6727 etag W/"15de8-578c16db2aa00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liqD7qeoXmKFV5lKHQmbzzixjQ6x%2BRtoWpyrK0zZ18E4A4aGqpsfPQtQpL4OX43Wr8%2Btv29lMo%2BtJmtPgFIAb5rWqSsCTOklVOhaizQh2QRwD7VEmDPGxYPH%2FtvN4RkP33CI5QcBbygWBUGk0A%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 67858dfacb564e2b-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	opensans-light-webfont.woff kurierowo.link/Ay09G29jOr5tRQv2H/css/fonts/	84 KB 85 KB	25ms 25ms	Font application/font-woff	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/css/fonts/opensans-light-webfont.woff Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab` Request headers sec-fetch-mode cors origin https://kurierowo.link accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c :path /Ay09G29jOr5tRQv2H/css/fonts/opensans-light-webfont.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept / cache-control no-cache :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css :scheme https sec-fetch-site same-origin :method GET Origin https://kurierowo.link Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 07:22:21 GMT content-encoding br cf-cache-status HIT last-modified Sun, 21 Oct 2018 18:36:32 GMT server cloudflare age 6727 etag W/"15000-578c16a5c2c00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aniqc5dDHM7JA6%2BW1re%2BpkGIuBNsI1NynbOk7SmjGK%2F6R7YugYphW%2Fub%2FhdwE%2FGh62ju68p3ZxR19KykTO6U6Jex%2BKXbJ%2FS0Wv4Ku9XN9NOr8w1iRnZHnm%2Fe%2FXCXZJEAOATbJmhUWt%2Bdw4JoFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 67858dfadb624e2b-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	opensans-semibold-webfont.woff kurierowo.link/Ay09G29jOr5tRQv2H/css/fonts/	89 KB 90 KB	31ms 30ms	Font application/font-woff	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/css/fonts/opensans-semibold-webfont.woff Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae` Request headers sec-fetch-mode cors origin https://kurierowo.link accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c :path /Ay09G29jOr5tRQv2H/css/fonts/opensans-semibold-webfont.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept / cache-control no-cache :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css :scheme https sec-fetch-site same-origin :method GET Origin https://kurierowo.link Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 07:22:21 GMT content-encoding br cf-cache-status HIT last-modified Sun, 21 Oct 2018 18:38:38 GMT server cloudflare age 6727 etag W/"16420-578c171dec780" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpDuDZwTpGWViZxia6XhonRTmeW2SJLj1nkgbD9kdXWByIP48Eso4sHCFTGEHsPXw6VwaA%2FvY4cw%2BOMLeQ1X29QJJsLXzLrnj52VUt2KBCGQ1zjRS9JZsg%2Fj07Utf9AiANlA0koeZcRwCppxSQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 67858dfadb644e2b-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
GET H3-29	200	PFBeauSansPro-Bold.woff kurierowo.link/Ay09G29jOr5tRQv2H/css/fonts/	142 KB 136 KB	33ms 32ms	Font application/font-woff	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/css/fonts/PFBeauSansPro-Bold.woff Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8` Request headers sec-fetch-mode cors origin https://kurierowo.link accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie 1e4f043cb84893e304979dfe3da075ab=2473189502; 46925a87b89d52918d96b7d8d1b34148=3780039428; fff6c2513988044c89cc9518ff907028=2866673065; PHPSESSID=6445ddbc0a77e26a5263d00411a73f7c :path /Ay09G29jOr5tRQv2H/css/fonts/PFBeauSansPro-Bold.woff pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept / cache-control no-cache :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css :scheme https sec-fetch-site same-origin :method GET Origin https://kurierowo.link Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/css/c83db9c934598df9ef0f9b303089d2722.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 02 Aug 2021 07:22:21 GMT content-encoding br cf-cache-status HIT last-modified Sun, 21 Oct 2018 18:35:56 GMT server cloudflare age 6727 etag W/"2374c-578c16836db00" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZqWIH3n8Xsebesuv8ZHcNuOzp0yxuWIlpfqukxZAtTNpkVoBkB%2BxmbaQBmrpCBBJFTiwzPMG8BsKjLIAX1EKJePtzZMnM%2FeucCp1%2BADvlilC%2FFiDsSiVw9a%2F8LG8OIRljDw2hlcnKgvp%2FlNSIA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/font-woff cache-control max-age=14400 nel {"report_to":"cf-nel","max_age":604800} cf-ray 67858dfadb664e2b-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
POST H2	200	online.php Show response kurierowo.link/Ay09G29jOr5tRQv2H/	0 356 B	67ms 67ms	XHR text/html	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/online.php Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-fetch-mode cors origin https://kurierowo.link accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty x-requested-with XMLHttpRequest content-length 29 :path /Ay09G29jOr5tRQv2H/online.php pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept / cache-control no-cache :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae :scheme https sec-fetch-site same-origin :method POST Accept / Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Mon, 02 Aug 2021 07:22:31 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTWVbcCiklk6%2FeuRWNKixfzDsqWIkldqMscVOJuw7eZc1Pl3SESr%2Fz8OQVWmcHeYS9aXIqCrsallJAgVwTEEg%2Bs3%2BELeHJEdYSrz1GqA3oXuiznkGGRy2%2Bn%2FMp656nY9W%2BpzULRxvmY1W%2F9vQw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate set-cookie PHPSESSID=35a7081c33349d9505e8912410db7dc4; path=/ cf-ray 67858e399ba54e0e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H3-29	200	online.php Show response kurierowo.link/Ay09G29jOr5tRQv2H/	0 619 B	106ms 106ms	XHR text/html	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/online.php Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/jquery.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-fetch-mode cors origin https://kurierowo.link accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty x-requested-with XMLHttpRequest cookie PHPSESSID=35a7081c33349d9505e8912410db7dc4 content-length 29 :path /Ay09G29jOr5tRQv2H/online.php pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept / cache-control no-cache :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae :scheme https sec-fetch-site same-origin :method POST Accept / Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Mon, 02 Aug 2021 07:22:32 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2BV6Ny9E0DFisP%2FeVyeLW%2BKQ8cjZvGhpaNd1e87NpXgDFImivwT51W8po%2BCHySU0atTIT6UevOZEFNGiuCVa0%2BqZZtf8hM5%2BGyzF7z8AY6Mg7PWK9XU%2B8xAyzcPwyQN3vac%2FI1NeGkdBMrhslA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 67858e435e394e2b-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H3-29	200	online.php Show response kurierowo.link/Ay09G29jOr5tRQv2H/	0 608 B	100ms 100ms	XHR text/html	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/online.php Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/jquery.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-fetch-mode cors origin https://kurierowo.link accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty x-requested-with XMLHttpRequest cookie PHPSESSID=35a7081c33349d9505e8912410db7dc4 content-length 29 :path /Ay09G29jOr5tRQv2H/online.php pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept / cache-control no-cache :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae :scheme https sec-fetch-site same-origin :method POST Accept / Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Mon, 02 Aug 2021 07:22:34 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcRSMSiwooAo8H77ISzHent5MpuN2qQet26YVnpjkKmthF2zf5Pjc3C6R%2Be8K2NVHvKwMbJBsjW5xadw5772IYtXJId3SDzMNeUDksUjbmCI8er8iMlENBFt93rbOkJmHX0VdKh45pkD9Oi63w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate cf-ray 67858e4d6b3c4e2b-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT
POST H2	200	online.php Show response kurierowo.link/Ay09G29jOr5tRQv2H/	0 347 B	62ms 61ms	XHR text/html	2606:4700:3033::6815:3a43 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kurierowo.link/Ay09G29jOr5tRQv2H/online.php Requested by Host: kurierowo.link URL: https://kurierowo.link/Ay09G29jOr5tRQv2H/jquery.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:3a43 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.34 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers sec-fetch-mode cors origin https://kurierowo.link accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest empty x-requested-with XMLHttpRequest content-length 29 :path /Ay09G29jOr5tRQv2H/online.php pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 content-type application/x-www-form-urlencoded; charset=UTF-8 accept / cache-control no-cache :authority kurierowo.link referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae :scheme https sec-fetch-site same-origin :method POST Accept / Referer https://kurierowo.link/Ay09G29jOr5tRQv2H/G5Cvae X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers pragma no-cache date Mon, 02 Aug 2021 07:22:36 GMT content-encoding br cf-cache-status DYNAMIC nel {"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by PHP/7.2.34 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LenifeFO12B3mcCwCMU1gm3gky9YlNFIKxkSg%2BIfTO7NzAL3nrFPsc4Xz%2B5jILiTFxOtCb61PLwHWzr4umTgEbWadzPkcCpLGJu7fSh7OtqdRAOioFfVzoKwyrB7wyKSwYrn3GwpI3yuTBqAQg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate set-cookie PHPSESSID=a1c21ada9a9b86d349bf9c5e4d8b5695; path=/ cf-ray 67858e576d334e0e-FRA alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 expires Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayU (Financial)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kurierowo.link/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6445ddbc0a77e26a5263d00411a73f7c
kurierowo.link/Ay09G29jOr5tRQv2H	1970-01-19 20:11:32	Name: fff6c2513988044c89cc9518ff907028 Value: 2866673065
kurierowo.link/Ay09G29jOr5tRQv2H	1970-01-19 20:11:32	Name: 46925a87b89d52918d96b7d8d1b34148 Value: 3780039428
kurierowo.link/Ay09G29jOr5tRQv2H	1970-01-19 20:11:32	Name: 1e4f043cb84893e304979dfe3da075ab Value: 2473189502

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

kurierowo.link
2606:4700:3033::6815:3a43
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0fe491e2047389b9deb7a06fd36de7fec03af2791ec29461be02571cbebdb4ab
27970e53d5478332b329e8292f519713b721def87872b5be486ac171bece92d7
431817115e31ff8604ab76a86ce6ed55d02cd5ea7332bd0ed3d15d9b5bf9aaae
5e5d542d8fb2f44477ca62ccf2d1dd188a4e537f9657a54485349723f6cc0584
73e157409a3ad150c03f5d19879bcb45203faf1a9418bf72e20b20b63c428683
7a1048d0f60e9ffe32593d39bb3856b4868461b5c9becd0982e7ee96cb41b340
8ab3bdb66c72f8f3afb3aef7f00bd1224ba4ebf7d260e928d3d19a8b0af98944
9650a5ba277274205e90974e7fb4183289ca51653c33fc291ad064bf8dd998e1
c8b380cdc92601f7195d0cd34c777bcdee7dcd285e110534a8cf48bfa7d8b2e8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ff5cc2782f7bb5a7651ca70445b22930e0e5ab97e06fd703c8b6d1b522b5ec45

kurierowo.link Open in urlscan Pro 2606:4700:3033::6815:3a43 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

649 kBTransfer

740 kBSize

4 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

4 Cookies

Indicators

kurierowo.link Open in urlscan Pro
2606:4700:3033::6815:3a43 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

649 kB
Transfer

740 kB
Size

4
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!