klh.notifications.website
2600:1f18:510:802:596c:f30b:b71c:833  Public Scan

Submitted URL: https://srv.mndsrv.com/v2/125/a64d1a42-6f9e-11ed-a33e-0cc47a1e59eb/1/cl
Effective URL: http://klh.notifications.website/static/wall.html
Submission: On November 29 via manual from CA — Scanned from CA

Summary

This website contacted 5 IPs in 1 country across 6 domains to perform 17 HTTP transactions. The main IP is 2600:1f18:510:802:596c:f30b:b71c:833, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is klh.notifications.website.
This is the only time klh.notifications.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  Apex Domain            Subdomains                                          Transfer
10        adskeeper.co.uk        s-img.adskeeper.co.uk (Cisco Umbrella Rank: 27283)  1 MB
3         notifications.website  klh.notifications.website                           3 KB
2         gstatic.com            fonts.gstatic.com                                   46 KB
1         popcash.net            pushads.popcash.net                                 3 KB
1         googleapis.com         fonts.googleapis.com (Cisco Umbrella Rank: 107)     1001 B
1         mndsrv.com             srv.mndsrv.com (Cisco Umbrella Rank: 374273)        115 B
17        6

Requests  Domain                     Requested by
10        s-img.adskeeper.co.uk
3         klh.notifications.website  klh.notifications.website
2         fonts.gstatic.com          fonts.googleapis.com
1         pushads.popcash.net        klh.notifications.website
1         fonts.googleapis.com       klh.notifications.website
1         srv.mndsrv.com             1 redirects
17        6

This site contains links to these domains.

Domain
clck.adskeeper.co.uk

Subject                  Issuer                   Validity                 Valid
upload.video.google.com  GTS CA 1C3               2022-11-02 - 2023-01-25  3 months
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3  2022-05-27 - 2023-05-26  a year
*.gstatic.com            GTS CA 1C3               2022-11-02 - 2023-01-25  3 months

This page contains 1 frame:

Primary Page: http://klh.notifications.website/static/wall.html
Frame ID: CDEBF907BF6AF872DF9F2CBA26453ECC
Requests: 17 HTTP requests in this frame

Page Statistics

Requests: 17
HTTPS: 76 %
IPv6: 100 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 1
Transfer: 1321 kB
Size: 1327 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://srv.mndsrv.com/v2/125/a64d1a42-6f9e-11ed-a33e-0cc47a1e59eb/1/cl HTTP 302
    http://klh.notifications.website/static/wall.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource, Path, Size, x-fer, Type, MIME-Type
Primary Request wall.html
klh.notifications.website/static/
Redirect Chain
  • https://srv.mndsrv.com/v2/125/a64d1a42-6f9e-11ed-a33e-0cc47a1e59eb/1/cl
  • http://klh.notifications.website/static/wall.html
703 B
632 B
Document
General
Full URL
http://klh.notifications.website/static/wall.html
Protocol
HTTP/1.1
Server
2600:1f18:510:802:596c:f30b:b71c:833 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
1527b448aea8e234c8a49d55f05fbcf23efe3affe5ac362484ab277b6fb93afb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 29 Nov 2022 17:04:36 GMT
ETag
W/"61fbeefb-2bf"
Last-Modified
Thu, 03 Feb 2022 15:04:27 GMT
Server
nginx/1.15.12
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Tue, 29 Nov 2022 17:04:36 GMT
location
http://klh.notifications.website/static/wall.html
server
nginx/1.20.1
grid.min.css
klh.notifications.website/static/css/
1 KB
904 B
Stylesheet
General
Full URL
http://klh.notifications.website/static/css/grid.min.css
Requested by
Host: klh.notifications.website
URL: http://klh.notifications.website/static/wall.html
Protocol
HTTP/1.1
Server
2600:1f18:510:802:596c:f30b:b71c:833 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
9f696f6c56033842dddafbc681a0c5c95e506d247d8e8c38a33674b5cb42d171

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/static/wall.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:04:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Feb 2022 15:04:27 GMT
Server
nginx/1.15.12
ETag
W/"61fbeefb-401"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
script.obf.js
klh.notifications.website/static/js/
4 KB
1 KB
Script
General
Full URL
http://klh.notifications.website/static/js/script.obf.js
Requested by
Host: klh.notifications.website
URL: http://klh.notifications.website/static/wall.html
Protocol
HTTP/1.1
Server
2600:1f18:510:802:596c:f30b:b71c:833 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
2e16912165bf2ca9172e5c694d08f737f730b9609120d28c6bfcc7d4a8e59ba2

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/static/wall.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:04:36 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Feb 2022 15:04:27 GMT
Server
nginx/1.15.12
ETag
W/"61fbeefb-1080"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
4 KB
1001 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700,700italic
Requested by
Host: klh.notifications.website
URL: http://klh.notifications.website/static/css/grid.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200a Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4e10277e91d26c2c9037be02123ca73b93e29f9b91fef7483e6cd234541a35f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 29 Nov 2022 17:04:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 16:19:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Nov 2022 17:04:36 GMT
wallOffers
pushads.popcash.net/
7 KB
3 KB
XHR
General
Full URL
http://pushads.popcash.net/wallOffers
Requested by
Host: klh.notifications.website
URL: http://klh.notifications.website/static/js/script.obf.js
Protocol
HTTP/1.1
Server
2600:1f18:510:801:5e05:97f7:effd:7fc3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.15.12 / PHP/7.2.18
Resource Hash
fa3924b7dbb8e3b993b6c07e1b00cbd20f798037257f063ba15ade209f8e8e06

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Tue, 29 Nov 2022 17:04:37 GMT
Content-Encoding
gzip
Server
nginx/1.15.12
X-Powered-By
PHP/7.2.18
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://klh.notifications.website
Cache-Control
no-cache, private
Connection
keep-alive
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzM2NDE4Ny8yNzg2M...
s-img.adskeeper.co.uk/g/14748766/492x328/-/
9 KB
9 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14748766/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzM2NDE4Ny8yNzg2MjQ4NWU4ZDkwZGQ2ZTkxNzMxODY5OWU2NzhlOS5qcGVn.webp?v=1669741477-WZxsvaRaRV1-VaF13S2xVq0K8B1i2JvtFrd3XV2Vqgg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93ca84dc7c8e76d704a5a80fce5bf9f4ed1419b771a8fd0aca5b9aa711f2ce40

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 15:55:03 GMT
x-mg-request-uuid
e71c1c8e-ae9a-40d1-8b8e-279dfc7268c1
server
cloudflare
age
79252
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67c953714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8852
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA1LzM1NDcwMS9lYmZlY...
s-img.adskeeper.co.uk/g/14698349/492x328/-/
13 KB
13 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14698349/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA1LzM1NDcwMS9lYmZlYTBiZjZiYjgyODliODAwMTBhM2M3NTlhYTdjYy5qcGc.webp?v=1669741477-GdTIGvMwvXZKAIjHSMkOduaIV_OQ3LJKRDh3sXHSioI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29bb0675b3c933ecb401aa1378a3add93750c3d56c06731927888993ac92202

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Tue, 22 Nov 2022 12:51:26 GMT
x-mg-request-uuid
c1106015-2a56-40bf-acf4-b527efca4e72
server
cloudflare
age
513546
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67b947714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13014
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzM1NDcwMS8zMmU0Z...
s-img.adskeeper.co.uk/g/14736354/492x328/-/
13 KB
14 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14736354/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzM1NDcwMS8zMmU0ZWJlY2YyZTUxYzVkMGQwZjEzYzU0ZTNjMmVjNi5qcGc.webp?v=1669741477-L8GMpy8uzvCB7y8s4xoc029EL_Q3zT8yMRwc_2aBbW8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19621a9ce6062d52c8a167a72b305e8a3fafc8eb2398f72913578998f2798812

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Sat, 26 Nov 2022 10:16:59 GMT
x-mg-request-uuid
69e907f6-eb4a-4b12-84ef-72a2136191ad
server
cloudflare
age
281214
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67b945714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13802
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzY4ODY3NS8wYzA2N...
s-img.adskeeper.co.uk/g/14508244/492x328/-/
9 KB
9 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14508244/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzY4ODY3NS8wYzA2NjE0OWE4YzA3NTE5NWMxZmYwYjEyMGE2MTY2My5qcGc.webp?v=1669741477-_iFp5r8oayaret2mIRagOBgeDryQeJTIx7JO5LE46eI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41dea0098cbd92a3082fba2269536bf7b615b3e216d34ab38ce5162e4a70684f

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 15:36:17 GMT
x-mg-request-uuid
598483ee-4d23-4358-a5ea-9a94f76dc7f1
server
cloudflare
age
95488
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67b948714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9188
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfOTYwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzM2NjkwNC82MjRhYmMyNjVlMGE0YTIyZTdkMjhiM...
s-img.adskeeper.co.uk/g/14323424/492x328/-/
1 MB
1 MB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14323424/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZl9naWYsZmxfbG9zc3ksZ19mYWNlczphdXRvLHdfOTYwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzM2NjkwNC82MjRhYmMyNjVlMGE0YTIyZTdkMjhiMTc3NTQ2OGY0Yy5naWY.gif?v=1669741477-jRsjYFK-atrS9g01U_i3rJd8kRb7uddsPVtV4vxuQR0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ff4f4abe03853520d96d68d86d858f55f60b539162490772d92b017ca83f0

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 13:31:29 GMT
x-mg-request-uuid
59486443-213a-4348-be7b-4a023816febb
server
cloudflare
age
97764
vary
Accept-Encoding
content-type
image/gif
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67c954714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1128730
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF80ODMseV8zNzUvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvM...
s-img.adskeeper.co.uk/g/14729189/492x328/-/
30 KB
30 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14729189/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF80ODMseV8zNzUvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMTEvMjk1NTUzLzdmNTIwZDY2ZDlmZGMxYzNlMWE2OTA3MGY3OWZjZWZjLmpwZw.webp?v=1669741477-u1Glw2uT7Sdo8CHwHw_wOj9auXIKs3FutWr1-ZeQvz4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd1183d726da0f86e3f4edbc4eb9781f43a0ee0e63b7651527275d51a078c36

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Mon, 28 Nov 2022 13:31:41 GMT
x-mg-request-uuid
13349ab4-49de-49df-95c8-687c35fdb2b7
server
cloudflare
age
98844
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67b93e714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30400
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzcxMTEyNi8xNzMwO...
s-img.adskeeper.co.uk/g/13839659/492x328/-/
22 KB
22 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/13839659/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzcxMTEyNi8xNzMwOGQ2OGYwYTBjYjliZjIxYzQzZWNhZTkzOTJjNy5qcGc.webp?v=1669741477-Fwiyqc1oRqvpYqeFcWEP1w-9W6ipyccVNzorA0HCVEY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1c5e0aef7ac14d5936c04f80fe84cd135082c4a2ef0793137aacb5c6ba5aa31

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Sep 2022 14:05:45 GMT
x-mg-request-uuid
7f396644-8969-44fa-808c-e4ecaef72e75
server
cloudflare
age
93596
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67b941714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22334
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzY4ODY3NS9iNDQ5O...
s-img.adskeeper.co.uk/g/14508236/492x328/-/
29 KB
29 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14508236/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTExLzY4ODY3NS9iNDQ5ODljNWJlNjRhOTBmMDhiZDQwZTkyY2IxZGM1YS5qcGc.webp?v=1669741477-cZ8qUpgYOsEvdM6Gcmum1yHwfqHwIseGyYaq2BHJTbM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1b0186bc8d301f7d5bc8ee8404b87c7631a4a3e25e3eb7d6aceae6154187d3c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 15:15:10 GMT
x-mg-request-uuid
3ca21d32-d39a-4504-b323-97b16be0ca04
server
cloudflare
age
6029
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67b93a714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
29396
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzM2NjkwNC9lYWVmM...
s-img.adskeeper.co.uk/g/14323378/492x328/-/
18 KB
18 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14323378/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzM2NjkwNC9lYWVmMDFmNTA4ZjM5YjJkZDBkZTZmYjU0Y2ViYjYyOC5qcGc.webp?v=1669741477-BZ46YatMY2eoMjaXaU2tl9MPUZiwPrHP6GNzJLGMeqY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ed501b751b29a591082a3b85d4dec413e3ad3568aa598195103687895c2a13a

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Wed, 12 Oct 2022 18:25:12 GMT
x-mg-request-uuid
ac2a589e-b079-4ee7-8f51-feb473b48190
server
cloudflare
age
449561
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67b93f714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18532
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzEseV8yODQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNjE2MDgxLzE5OWE4Y...
s-img.adskeeper.co.uk/g/12572586/492x328/-/
21 KB
21 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/12572586/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF8zNzEseV8yODQvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNjE2MDgxLzE5OWE4YzAxZTNlYjI5MGZhNGVlZWMzOGU3ZDI1OTgxLmpwZw.webp?v=1669741477-0BuEMFT6B2yt4mRCy6xn3QQAv0jO-3zrIBnJxXC4sNg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:22ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af216abcb097bbe8eb8e7bd54a2fb62ea80bd1d26e915ddb761244f374bf26c

Request headers

accept-language
en-CA,en;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 17:04:37 GMT
cf-cache-status
HIT
last-modified
Sun, 16 Oct 2022 18:07:30 GMT
x-mg-request-uuid
da6b4bfb-d0fd-4608-9a20-4b783cd8ed43
server
cloudflare
age
157711
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
771cec67b943714a-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21140
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://klh.notifications.website
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 07:52:48 GMT
x-content-type-options
nosniff
age
33109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 07:52:48 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 Hudson Falls, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://klh.notifications.website
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 07:09:38 GMT
x-content-type-options
nosniff
age
554099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 07:09:38 GMT

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _0x190e
string| baseUrl
object| localCache
object| xhttp
function| generateDiv
number| j

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
