klh.notifications.website
2600:1f18:510:801:f9c1:c642:6924:3e65  Public Scan

Submitted URL: https://srv.eu.mndsrv.com/v2/419/90bb4764-3e58-11ed-9152-002590f370c6/1/cl
Effective URL: http://klh.notifications.website/static/wall.html
Submission: On September 28 via manual from EE — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 2600:1f18:510:801:f9c1:c642:6924:3e65, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is klh.notifications.website.
This is the only time klh.notifications.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
10 adskeeper.co.uk | s-img.adskeeper.co.uk — Cisco Umbrella Rank: 45390 | 162 KB
3 notifications.website | klh.notifications.website | 3 KB
2 gstatic.com | fonts.gstatic.com | 46 KB
1 popcash.net | pushads.popcash.net | 3 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 41 | 1001 B
1 mndsrv.com | srv.eu.mndsrv.com | 201 B
17 6

Domain | Requested by
10 s-img.adskeeper.co.uk
3 klh.notifications.website | klh.notifications.website
2 fonts.gstatic.com | fonts.googleapis.com
1 pushads.popcash.net | klh.notifications.website
1 fonts.googleapis.com | klh.notifications.website
1 srv.eu.mndsrv.com | 1 redirects
17 6

This site contains links to these domains. Also see Links.

Domain
clck.adskeeper.co.uk
Subject | Issuer | Validity | Valid
upload.video.google.com | GTS CA 1C3 | 2022-09-12 - 2022-12-05 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-05-27 - 2023-05-26 | a year
*.gstatic.com | GTS CA 1C3 | 2022-09-05 - 2022-11-28 | 3 months

This page contains 1 frames:

Primary Page: http://klh.notifications.website/static/wall.html
Frame ID: 0B64D1DF7C22DDBF294CC7B49402909F
Requests: 17 HTTP requests in this frame

Page Statistics

Requests: 17
HTTPS: 76 %
IPv6: 100 %
Domains: 6
Subdomains: 6
IPs: 5
Countries: 2
Transfer: 215 kB
Size: 223 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://srv.eu.mndsrv.com/v2/419/90bb4764-3e58-11ed-9152-002590f370c6/1/cl HTTP 302
    http://klh.notifications.website/static/wall.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wall.html
klh.notifications.website/static/
Redirect Chain
  • https://srv.eu.mndsrv.com/v2/419/90bb4764-3e58-11ed-9152-002590f370c6/1/cl
  • http://klh.notifications.website/static/wall.html
703 B
632 B
Document
General
Full URL
http://klh.notifications.website/static/wall.html
Protocol
HTTP/1.1
Server
2600:1f18:510:801:f9c1:c642:6924:3e65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
1527b448aea8e234c8a49d55f05fbcf23efe3affe5ac362484ab277b6fb93afb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 28 Sep 2022 08:36:10 GMT
ETag
W/"61fbeefb-2bf"
Last-Modified
Thu, 03 Feb 2022 15:04:27 GMT
Server
nginx/1.15.12
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

cache-control
no-cache
content-length
0
date
Wed, 28 Sep 2022 08:36:10 GMT
location
http://klh.notifications.website/static/wall.html
server
CDN77-Turbo
x-77-cache
MISS
x-77-nzt
AdRmOLTWKAeh
x-77-nzt-ray
9lsQ47MjYvc
x-77-pop
frankfurtDE
x-cache
MISS
grid.min.css
klh.notifications.website/static/css/
1 KB
904 B
Stylesheet
General
Full URL
http://klh.notifications.website/static/css/grid.min.css
Requested by
Host: klh.notifications.website
URL: http://klh.notifications.website/static/wall.html
Protocol
HTTP/1.1
Server
2600:1f18:510:801:f9c1:c642:6924:3e65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
9f696f6c56033842dddafbc681a0c5c95e506d247d8e8c38a33674b5cb42d171

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/static/wall.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 08:36:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Feb 2022 15:04:27 GMT
Server
nginx/1.15.12
ETag
W/"61fbeefb-401"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
script.obf.js
klh.notifications.website/static/js/
4 KB
1 KB
Script
General
Full URL
http://klh.notifications.website/static/js/script.obf.js
Requested by
Host: klh.notifications.website
URL: http://klh.notifications.website/static/wall.html
Protocol
HTTP/1.1
Server
2600:1f18:510:801:f9c1:c642:6924:3e65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.15.12 /
Resource Hash
2e16912165bf2ca9172e5c694d08f737f730b9609120d28c6bfcc7d4a8e59ba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/static/wall.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 08:36:11 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Feb 2022 15:04:27 GMT
Server
nginx/1.15.12
ETag
W/"61fbeefb-1080"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=315360000, public
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/
4 KB
1001 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700,700italic
Requested by
Host: klh.notifications.website
URL: http://klh.notifications.website/static/css/grid.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f4e10277e91d26c2c9037be02123ca73b93e29f9b91fef7483e6cd234541a35f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Sep 2022 08:36:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Sep 2022 08:36:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Sep 2022 08:36:11 GMT
wallOffers
pushads.popcash.net/
7 KB
3 KB
XHR
General
Full URL
http://pushads.popcash.net/wallOffers
Requested by
Host: klh.notifications.website
URL: http://klh.notifications.website/static/js/script.obf.js
Protocol
HTTP/1.1
Server
2600:1f18:510:802:56d:ee81:69b1:1b04 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.15.12 / PHP/7.2.18
Resource Hash
6631636ed45bd3a80ccb35212bcb7fc81be7cc4cbdb661f993ae9eae81a2515a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date
Wed, 28 Sep 2022 08:36:11 GMT
Content-Encoding
gzip
Server
nginx/1.15.12
X-Powered-By
PHP/7.2.18
Transfer-Encoding
chunked
Vary
Accept-Encoding, Origin
Content-Type
application/json
Access-Control-Allow-Origin
http://klh.notifications.website
Cache-Control
no-cache, private
Connection
keep-alive
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzU2OTI5OS9jZTNlZ...
s-img.adskeeper.co.uk/g/13363938/492x328/-/
9 KB
9 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/13363938/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzU2OTI5OS9jZTNlZTFkMjU3NDBmZTVjNTdjNjk4MTk2MjZjZjI2OC5qcGVn.webp?v=1664354171-W-At2Pl3p4Lx2AjVJPXiJaDDtELR4O7vbO1ijZD5WiI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5f2c99e4079cd12ad3b63d38a975961dd53a12da19641bbff78bea049b0d40e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Mon, 12 Sep 2022 05:17:55 GMT
x-mg-request-uuid
a7ec38d2-f9a2-49b7-ab92-cfbf85cdb0a0
server
cloudflare
age
1394218
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663aa9abb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9360
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzU0NzI1OC8xYjE5Z...
s-img.adskeeper.co.uk/g/13758158/492x328/-/
23 KB
23 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/13758158/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzU0NzI1OC8xYjE5ZGZhZjM5NWYyMmY0MjhkZTQyNTViZGMwZWY1Ny5qcGVn.webp?v=1664354171-ON0QvdQkk-Eam9Lp3oPQZwB6d8rnZC01HD6etitbOSU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98a89e1abdb371a085e1cc45e5d4b840347d7c49ca6ab107a1df85c46b3c2b8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 05:55:35 GMT
x-mg-request-uuid
03a25dc4-c1e3-4de8-9cb0-1ea592350306
server
cloudflare
age
1128026
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663aa9dbb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23328
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzcxNTgxMy9lYzVlM...
s-img.adskeeper.co.uk/g/13935153/492x328/-/
13 KB
13 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/13935153/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzcxNTgxMy9lYzVlMTEwZDQzNDk3YTk1YzIyMTQ4YzlhNGVhMDE3MS5qcGc.webp?v=1664354171-j4Vkku5dg1WWGxoqkYB6F4I9r7jc4YrDd66Ot3UM3uM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b2298e5cee4227e4c464ef07f59be1189174c38ff68f6c89313ab56f0e37c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Tue, 30 Aug 2022 10:23:33 GMT
x-mg-request-uuid
5ffb30b9-cacd-4ac3-acf3-65a114b9de59
server
cloudflare
age
1888160
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663aa9fbb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12968
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzcxNTgxMy80MTNhM...
s-img.adskeeper.co.uk/g/13881603/492x328/-/
8 KB
8 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/13881603/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzcxNTgxMy80MTNhMjI0NjUzODA4YmExMWZmODIyMjQxODBhODkzZS5qcGVn.webp?v=1664354171-WkxfxBpGmZRWm_pPBqijgQYliy9f1-MrBWnyZC2PR48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
217b35ef3d03df8525b0172eb4772ee4ddc6be34eb36a97306a96dfe5bedf0d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Wed, 24 Aug 2022 08:24:25 GMT
x-mg-request-uuid
b6ee504c-7be0-4be6-a86e-6df8f287fd1b
server
cloudflare
age
2251026
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663aaa1bb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7936
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzI4NzM1NS8zYzU1N...
s-img.adskeeper.co.uk/g/14158639/492x328/-/
9 KB
9 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14158639/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzI4NzM1NS8zYzU1NWQwN2E1YzdiYmEwODcyYjM4NTA2NmZkYTIxMi5qcGc.webp?v=1664354171-Wt8MMRP_SAecBAwApbYyepSsMVG4NnP9016atDlqqD0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
174de9f51887a8e698a314449bd1c4a1e51f09d1248b695c1b32bc24f58b4825

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Mon, 26 Sep 2022 07:06:57 GMT
x-mg-request-uuid
c650507b-0c22-4940-ba57-11794697ea61
server
cloudflare
age
178137
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663babfbb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9440
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzQ0NTQ0NC84ZDVkY...
s-img.adskeeper.co.uk/g/14111927/492x328/-/
11 KB
11 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14111927/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzQ0NTQ0NC84ZDVkYTNkYTkzNWYyZDM1NWVkNTZjY2RkNjM5Mzc0Yi5qcGc.webp?v=1664354171-q8ilaLwqQEDWt95gB4GXaYFrn44yikZADh9dKrIfBAM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50633073ea11af73f0eda2ecfabec6deebd5fa8fc44505e20ed49eb8db3357c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Tue, 20 Sep 2022 05:30:41 GMT
x-mg-request-uuid
54d25c8a-03a8-4c94-9c0e-d558c7a9d415
server
cloudflare
age
699343
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663babbbb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10792
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzQ0NTQ0NC9mNDNkM...
s-img.adskeeper.co.uk/g/14137148/492x328/-/
6 KB
6 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14137148/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzQ0NTQ0NC9mNDNkMWY0NGE3ZjUzMWFlZDhjMjM2MWE0MGJiYTE4Zi5qcGc.webp?v=1664354171-I03Xrarqbbf3oR2H2TBaA63ZVMlJB7x5hNBQ6Cs5H-k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d7840852d4aa28d4fb4a64a788387345ed4caf3136c4a6e4d04106d99fc928a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 14:21:45 GMT
x-mg-request-uuid
09a55570-6709-4bb4-bf48-bdb6589cdc47
server
cloudflare
age
411068
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663aa95bb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5668
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzI4NzM1NS83Y2E2M...
s-img.adskeeper.co.uk/g/14159872/492x328/-/
36 KB
36 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14159872/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzI4NzM1NS83Y2E2MThmNTRhYzFkNjc5NWE2ODY1N2QwYjI3ZmUzYy5qcGc.webp?v=1664354171-oEyfLXqwH8x-6vrM_yCIFoDVZxK51XjAwMyoHa42ojI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9828d04c46821be3516da73e134697f60d30fe06d5c3085f49c932d21233416

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Mon, 26 Sep 2022 11:54:37 GMT
x-mg-request-uuid
aaab05fb-1967-48b7-814b-3b9f27e871e7
server
cloudflare
age
160611
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663aa98bb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36710
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzcxMTEyNi8yNWY2N...
s-img.adskeeper.co.uk/g/13813995/492x328/-/
21 KB
21 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/13813995/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzcxMTEyNi8yNWY2NDQ5NTAyOWFiNmZmYWIxMmU3NmRkMGFiYmVhYS5qcGc.webp?v=1664354171-kZQEtvely0NIM7znLyUG2fFz5OOdMaGVH4Gencz9jPE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f13f983c54938c09fe6ba0bec48259346a4cc82a7742326e51eda6712a82956

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Mon, 05 Sep 2022 09:14:31 GMT
x-mg-request-uuid
192cd35e-359f-4601-9218-27d82ce9f809
server
cloudflare
age
91266
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663aa99bb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21298
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzQ0NTQ0NC9jZTY3M...
s-img.adskeeper.co.uk/g/14025036/492x328/-/
26 KB
26 KB
Image
General
Full URL
https://s-img.adskeeper.co.uk/g/14025036/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA4LzQ0NTQ0NC9jZTY3MDFiZGUxNjI4OTMzMjFhMmU2Y2JjNGQ0YmIxMy5qcGVn.webp?v=1664354171-0rJTv2k3dS31LluwtNfUIk0lzFowRkin5-6YHTrRrLM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1aae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
811bd886b5b20eba483959f702e15535cc42983add1686ddcdbda70f883e8751

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://klh.notifications.website/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Wed, 28 Sep 2022 08:36:11 GMT
cf-cache-status
HIT
last-modified
Wed, 28 Sep 2022 07:06:06 GMT
x-mg-request-uuid
da1572d1-7258-4323-a2b0-887f3ed4d2f1
server
cloudflare
age
5010
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
751b2663aa91bb43-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26692
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://klh.notifications.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:05:49 GMT
x-content-type-options
nosniff
age
73822
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 12:05:49 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://klh.notifications.website
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 17:08:09 GMT
x-content-type-options
nosniff
age
55682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Sep 2023 17:08:09 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput
object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
object| navigation
object| _0x190e
string| baseUrl
object| localCache
object| xhttp
function| generateDiv
number| j

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
