salg.kim Open in urlscan Pro
2a07:7800::191 Public Scan

URL:
https://salg.kim/
Submission: On July 03 via api (July 3rd 2024, 5:17:32 am UTC) from US — Scanned from GB

Summary HTTP 11 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 2a07:7800::191, located in United Kingdom and belongs to TWENTYI, GB. The main domain is salg.kim.
TLS certificate: Issued by Certera DV SSL CA on May 28th 2024. Valid for: a year.

This is the only time salg.kim was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a07:7800::191 2a07:7800::191	48254 (TWENTYI) (TWENTYI)
8	172.67.68.226 172.67.68.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	3

2 2a07:7800::191 (United Kingdom)

ASN48254 (TWENTYI, GB)

salg.kim	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.67.68.226 (United States)

ASN13335 (CLOUDFLARENET, US)

cfw42.rabbitloader.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	rabbitloader.xyz cfw42.rabbitloader.xyz — Cisco Umbrella Rank: 272996	159 KB
2	salg.kim salg.kim	69 KB
11	2

	Domain	Requested by
8	cfw42.rabbitloader.xyz	salg.kim
2	salg.kim	salg.kim
11	2

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
instagram.com

Subject Issuer	Validity	Valid
salg.kim Certera DV SSL CA	`2024-05-28` - `2025-06-28`	a year	crt.sh
rabbitloader.xyz E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://salg.kim/
Frame ID: FE8A74F1C5E56EBA42863436807871BB
Requests: 13 HTTP requests in this frame

Frame: https://salg.kim/wp-admin/admin-ajax.php?action=se_async
Frame ID: A735292370AB58A29F94608F1F3F6F37
Requests: 1 HTTP requests in this frame

Frame: https://salg.kim/wp-admin/admin-ajax.php?action=se_async
Frame ID: 379FB03350E53A2447DC06CCD6C8175A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

salg.kim - Online shopping af Kim

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

11
Requests

91 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

228 kB
Transfer

441 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/ltd.kim.shop
Title: 0 Fans 0Fans

Search URL Search Domain Scan URL

URL: http://twitter.com/
Title: 0 Followers 0Followers

Search URL Search Domain Scan URL

URL: http://www.pinterest.com/ltdkim
Title: 0 Followers 0Followers

Search URL Search Domain Scan URL

URL: http://instagram.com/b2cc6d9e9df294daac3bad9d8a038fcb
Title: 0 Followers 0Followers

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
salg.kim/ 236 KB
68 KB 201ms
92ms Document
text/html 2a07:7800::191
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL

https://salg.kim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a07:7800::191 , United Kingdom, ASN48254 (TWENTYI, GB),

Reverse DNS

Software

Apache / PHP/8.0.30

Resource Hash

06c5840ebd0b09fc7c6f6cc741e1b95fc8acadcd2533196ad3ffdbbcb5ba36c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 03 Jul 2024 05:17:28 GMT
link: <https://salg.kim/>; rel=shortlink, <https://cfw42.rabbitloader.xyz/95rtnexm/v8.658f70fcc649724729e2c027ac30d678.1.1.a28/rl.bs.critical.css?v=sfz46d>; rel=preload; as=style; fetchpriority=high;, <https://cfw42.rabbitloader.xyz/rl.cl.m.v4.3.5.js>; rel=preload; as=script; fetchpriority=high;
server: Apache
server-timing: wp-before-template;dur=2669.57
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-cache-enabled: true
x-cdn-cache-status: MISS
x-cdn-node-is-at-origin: 1
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-origin-cache-status: MISS
x-powered-by: PHP/8.0.30
x-provided-by: StackCDN
x-rl-cache: hit
x-rl-mode: ac
x-rl-modified: Wed, 03 Jul 2024 05:14:47 GMT
x-rl-rule: 66081f4d35a4af2299beccc9
x-stackcache-cacheable: yes
x-via: LHR3
x-xss-protection: 0

GET
H3 200 rl.bs.critical.css
cfw42.rabbitloader.xyz/95rtnexm/v8.658f70fcc649724729e2c027ac30d678.1.1.a28/ 60 KB
15 KB 247ms
185ms Stylesheet
text/css 172.67.68.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cfw42.rabbitloader.xyz/95rtnexm/v8.658f70fcc649724729e2c027ac30d678.1.1.a28/rl.bs.critical.css?v=sfz46d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.68.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e91af245ddac803192829c145082461a15c8a0c4e66039a124eea806a6e4aa6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salg.kim/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 03 Jul 2025 05:17:28 GMT
date: Wed, 03 Jul 2024 05:17:28 GMT
content-encoding: gzip
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1072
cdn-storageserver: UK-624
cdn-cachedat: 07/03/2024 05:17:28
cdn-pullzone: 1642391
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 01 Jul 2024 00:03:06 GMT
cdn-proxyver: 1.04
cdn-fileserver: 747
cdn-requestpullcode: 200
server: cloudflare
etag: W/"6681f23a-ee48"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqlcNSMrEpbB%2FbatfT7RO9m0FMecQQczTS61LGe5%2FM9aiIA5nsx%2Bi%2BMNpCmpmeoMNyyETGCeFfMDKzYKQzcpQWqIz%2Beu4tfRjGo3vLOCGuTkmVfVPsSREaZgJ6CNfRNlS1XgqtdY32o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cdn-cache: MISS
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestid: 00fd71c6cdf51e09838ec92dac27de51
timing-allow-origin: *
cf-ray: 89d468cadb854922-LHR
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3 200 rl.cl.m.v4.3.5.js Show response
cfw42.rabbitloader.xyz/ 12 KB
6 KB 122ms
60ms Script
application/javascript 172.67.68.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cfw42.rabbitloader.xyz/rl.cl.m.v4.3.5.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.68.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bb0f01cb3d7e6817a1312fab229ed5dc0259e12cd268e955d5981392aeb8dd7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salg.kim/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 03 Jul 2024 05:17:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4516473
etag: W/"fc28551c8dc3722e8515196eb659f9a9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FTI2EIendF4Kx0oLrmWmezwGnbNqy%2FpgAmkOfXEDOzm4kozglh2OgjGKpk4RKMRqqQj12e0XbDSYZugk5k28VIFXZtln%2ByJZLGirNODO%2FvZGiannHXa%2BjQ2h7jAn7p7JFsIJ6J4deLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 89d468cadb874922-LHR
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 261 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 773d6ed4462c07cf48b1a60527eb4b00cd86d660d33af4277e0d67708568fee1

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 261 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f803b9a4a1bcce0fc5a839db1c723dfcef3ccea7ce764c22880c937e3ab9301

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 260 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3f92efbdd98ca28cd7d6d7fd411e783268f9bfd89554dea0493adf44f18cce3

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 admin-ajax.php Show response
salg.kim/wp-admin/ Frame A735 2 B
634 B 4000ms
4000ms Document
text/html 2a07:7800::191
TWENTYI

General

Check archive.org

Show headers Download Go to

Full URL

https://salg.kim/wp-admin/admin-ajax.php?action=se_async

Requested by

Host: salg.kim
URL: https://salg.kim/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a07:7800::191 , United Kingdom, ASN48254 (TWENTYI, GB),

Reverse DNS

Software

Apache / PHP/8.0.30

Resource Hash

5ec1f7e700f37c3d0b2981d04855fc34b94aaa15457b05ca571817442d228f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: https://salg.kim/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 03 Jul 2024 05:17:24 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding Accept-Encoding
x-cdn-cache-status: MISS
x-cdn-node-is-at-origin: 1
x-content-type-options: nosniff nosniff
x-dns-prefetch-control: on
x-frame-options: SAMEORIGIN
x-origin-cache-status: MISS
x-powered-by: PHP/8.0.30
x-provided-by: StackCDN
x-rl-mode: ac
x-rl-skip: ajax
x-robots-tag: noindex
x-via: LHR3
x-xss-protection: 0

GET admin-ajax.php
salg.kim/wp-admin/ Frame 379F 0
0

GET
H3 200 logo-white-1.png
cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjY5NzM3OTY5LTY0NDgtNGVhMS1jOWVmLTM2MDNmM2VmZDcwMCJ9/wp-content/uploads/2024/06/ 8 KB
9 KB 82ms
82ms Image
image/avif 172.67.68.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjY5NzM3OTY5LTY0NDgtNGVhMS1jOWVmLTM2MDNmM2VmZDcwMCJ9/wp-content/uploads/2024/06/logo-white-1.png

Requested by

Host: salg.kim
URL: https://salg.kim/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

543536e88fce64a068a879af4918f20a8c0996b554e2c457799473f8a780b84d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salg.kim/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
age: 434767
x-rl-iw: 1920
cdn-pullzone: 1991230
cf-bgj: imgq:85,h2pri
cdn-proxyver: 1.04
etag: "cfQctjJt0y6Ce3eC0NZS97cOnne1sgMahxlIID1lwFDQ"
vary: Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cdn-cache: MISS
cache-control: public, max-age=31536000, s-maxage=31536000, stale-while-revalidate=7200
link: <https://salg.kim/wp-content/uploads/2024/06/logo-white-1.png>; rel='canonical'
cdn-requestcountrycode: GB
cf-images: internal=ok/- q=0 n=1117+113 c=0+0 v=2024.6.0 l=8550
date: Wed, 03 Jul 2024 05:17:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1072
cdn-cachedat: 06/28/2024 04:31:21
alt-svc: h3=":443"; ma=86400
content-length: 8550
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QijGworNJcmH5VAONywBtOMUYmDPU113Hmplvr3cj1S51rmTpxBL%2BPIO782HMgMOyJRZ4cK7XzKrRh1Od%2Bto4PVaTgAgzRelZwAzRtwIvL6sM7I5VNUzgAr%2F9tS8DmtFYG1zBG5Pz80%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestid: df6faf0ad512ca9a4ed82d882e924ce4
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d468cc8c934922-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 0730852167438_R00-jpg.webp
cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjAxNzdiZjNlLWYxYzgtNDMyZC00Y2Q1LWY1NmI1ZTgzOTQwMCJ9/wp-content/uploads/2024/07/ 15 KB
16 KB 259ms
259ms Image
image/avif 172.67.68.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjAxNzdiZjNlLWYxYzgtNDMyZC00Y2Q1LWY1NmI1ZTgzOTQwMCJ9/wp-content/uploads/2024/07/0730852167438_R00-jpg.webp

Requested by

Host: salg.kim
URL: https://salg.kim/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bba69743b3501276fc4bf7101014c735c7e6dbc46d8afa57c5b90c43b181e881

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salg.kim/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-rl-iw: 1920
cdn-pullzone: 1991230
cf-bgj: imgq:85,h2pri
cdn-proxyver: 1.04
etag: "cfbRLSeQT4edjaxaj5w0mCFIhDe1sgMahxlIID1lwFDQ"
vary: Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cdn-cache: MISS
cache-control: public, max-age=31536000, s-maxage=31536000, stale-while-revalidate=7200
link: <https://salg.kim/wp-content/uploads/2024/07/0730852167438_R00-jpg.webp>; rel='canonical'
cdn-requestcountrycode: GB
cf-images: internal=ok/- q=0 n=22+185 c=10+454 v=2024.6.0 l=15815
date: Wed, 03 Jul 2024 05:17:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 1073
cdn-cachedat: 07/03/2024 05:17:28
alt-svc: h3=":443"; ma=86400
content-length: 15815
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1jfzhmePB0QdBtvwukIAwK56enqv9uMDuHhDAOHt%2BlJ1cjpuLGqAYMK%2FSgvTeMIchYSXm76otWkA556EB9DtcTwfFrWQVKCddL5a%2B%2F%2BUtV1yab%2B8b456VxweDhl1RdfZ08zVvxEeBZs%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestid: 911e52b32ea4868038cd818182383b97
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d468cc8c944922-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 3605972368782_R02-jpg.webp
cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjY4M2U5NGZhLTNiYzktNGQ1OC01ZWM2LWM5YmZhYjBmMGMwMCJ9/wp-content/uploads/2024/07/ 34 KB
35 KB 281ms
280ms Image
image/avif 172.67.68.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjY4M2U5NGZhLTNiYzktNGQ1OC01ZWM2LWM5YmZhYjBmMGMwMCJ9/wp-content/uploads/2024/07/3605972368782_R02-jpg.webp

Requested by

Host: salg.kim
URL: https://salg.kim/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c104ec6e509c0d62b4fe78a788348f9036ea96603f92cc3808190b828160478e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salg.kim/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-rl-iw: 1920
cdn-pullzone: 1991230
cf-bgj: imgq:85,h2pri
cdn-proxyver: 1.04
etag: "cfPOp35PhDpT-c9yGLP9zyF-1Re1sgMahxlIID1lwFDQ"
vary: Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cdn-cache: MISS
cache-control: public, max-age=31536000, s-maxage=31536000, stale-while-revalidate=7200
link: <https://salg.kim/wp-content/uploads/2024/07/3605972368782_R02-jpg.webp>; rel='canonical'
cdn-requestcountrycode: GB
cf-images: internal=ok/- q=0 n=616+105 c=14+555 v=2024.6.0 l=34848
date: Wed, 03 Jul 2024 05:17:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 947
cdn-cachedat: 07/03/2024 05:17:28
alt-svc: h3=":443"; ma=86400
content-length: 34848
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UvKaRJAziOeESRS004hyvFpeB15m3EzBXT0i3UJSrqe7eVAvRBXA%2BK8Xos0fwDimWvDMGUqhXtf3FWTjyiri1djlcEPq8TW%2BWI%2B2%2Fd3b1A0i3HkMt2XK6xZ8ONizaZLH%2FtnCQWrFlAs%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestid: 7fb167466c1a7e715aa2856e53416794
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d468cc8c954922-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 0020714873769_S4513947_P01-jpg.webp
cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6ImJkNzQ0MmE0LTM5NjctNGY5Mi1hNGNlLWY3ZjEzMDczZGEwMCJ9/wp-content/uploads/2024/07/ 22 KB
22 KB 193ms
193ms Image
image/avif 172.67.68.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6ImJkNzQ0MmE0LTM5NjctNGY5Mi1hNGNlLWY3ZjEzMDczZGEwMCJ9/wp-content/uploads/2024/07/0020714873769_S4513947_P01-jpg.webp

Requested by

Host: salg.kim
URL: https://salg.kim/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ffa9fccee5b8d50a5ac53100922cfff87a93aa0b6c3b8b24792735ede52fb88

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salg.kim/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-rl-iw: 1920
cdn-pullzone: 1991230
cf-bgj: imgq:85,h2pri
cdn-proxyver: 1.04
etag: "cflBsjVfxt1Xe8t_K9eyBlcB_4e1sgMahxlIID1lwFDQ"
vary: Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cdn-cache: MISS
cache-control: public, max-age=31536000, s-maxage=31536000, stale-while-revalidate=7200
link: <https://salg.kim/wp-content/uploads/2024/07/0020714873769_S4513947_P01-jpg.webp>; rel='canonical'
cdn-requestcountrycode: GB
cf-images: internal=ok/- q=0 n=254+87 c=12+1070 v=2024.6.0 l=22080
date: Wed, 03 Jul 2024 05:17:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 946
cdn-cachedat: 07/03/2024 05:17:28
alt-svc: h3=":443"; ma=86400
content-length: 22080
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rB%2Bj4jyFCwtl4hibBn55l4zzJhCEXHh6Mie%2BQkPyV3twvE%2FraNwH2usAv9ZJk6tnWw9%2FuxAJTG32UKwQbozDw6t3xGLOG%2Bjn1qsk%2BDXSBd8oGSBCP2MsiVLRudkfVqCCXafCJaEwFxs%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestid: f03f9e1f22f4deac105c279059be6f0b
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d468cc8c974922-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 0729238139428_R41-jpg.webp
cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjAyOWJlM2VhLTk2N2UtNGFhZi03OWZlLWYzMDUwOGFlMjkwMCJ9/wp-content/uploads/2024/07/ 41 KB
42 KB 305ms
305ms Image
image/avif 172.67.68.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjAyOWJlM2VhLTk2N2UtNGFhZi03OWZlLWYzMDUwOGFlMjkwMCJ9/wp-content/uploads/2024/07/0729238139428_R41-jpg.webp

Requested by

Host: salg.kim
URL: https://salg.kim/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1173807836b626f0a0898e10046594ff5994de1f0003204d53df81dde6015c30

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salg.kim/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-rl-iw: 1920
cdn-pullzone: 1991230
cf-bgj: imgq:85,h2pri
cdn-proxyver: 1.04
etag: "cfT31NU4x_mlCHsvOld7r89toKe1sgMahxlIID1lwFDQ"
vary: Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cdn-cache: MISS
cache-control: public, max-age=31536000, s-maxage=31536000, stale-while-revalidate=7200
link: <https://salg.kim/wp-content/uploads/2024/07/0729238139428_R41-jpg.webp>; rel='canonical'
cdn-requestcountrycode: GB
cf-images: internal=ok/- q=0 n=743+45 c=15+638 v=2024.6.0 l=42450
date: Wed, 03 Jul 2024 05:17:28 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 947
cdn-cachedat: 07/03/2024 05:17:28
alt-svc: h3=":443"; ma=86400
content-length: 42450
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uiyhbnthzaqYNUcHkRPFp4E0zX%2BxyEPWLKYHNmW3v6LQ6NIN57%2FZvW1Gk%2BHoKg%2Ft%2Bqw6ffd2etBf5zwRQiYWt29SbPPVUPJtsMZ0uukGBB2c8uGEg5z%2FkVb18c9Q3Zj7GPOiPqMmlEw%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestid: 3b5fe98f3753ffbae5943564826eca04
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d468cc8c984922-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 header-1.png
cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjI2MWNkMWM0LThmYTEtNDk5MS04ODM3LTkyMzE4NjAwNGIwMCJ9/wp-content/uploads/2024/05/ 12 KB
12 KB 983ms
983ms Image
image/avif 172.67.68.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cfw42.rabbitloader.xyz/eyJjIjp0cnVlLCJoIjoic2FsZy5raW0iLCJ2Ijo5NTMxMjYxMiwiaSI6IjI2MWNkMWM0LThmYTEtNDk5MS04ODM3LTkyMzE4NjAwNGIwMCJ9/wp-content/uploads/2024/05/header-1.png

Requested by

Host: salg.kim
URL: https://salg.kim/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.68.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cde92588b74701c0c6ac807186a90d3edf5b9c9a023d4b69ea58708a3eb2584

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://salg.kim/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-rl-iw: 1920
cdn-pullzone: 1991230
cf-bgj: imgq:85,h2pri
cdn-proxyver: 1.04
etag: "cf6AeNzGM_03FZCv8HH5EXgsqhe1sgMahxlIID1lwFDQ"
vary: Accept-Encoding
content-type: image/avif
access-control-allow-origin: *
cdn-cache: MISS
cache-control: public, max-age=31536000, s-maxage=31536000, stale-while-revalidate=7200
link: <https://salg.kim/wp-content/uploads/2024/05/header-1.png>; rel='canonical'
cdn-requestcountrycode: GB
cf-images: internal=ok/- q=0 n=626+141 c=0+0 v=2024.6.0 l=11788
date: Wed, 03 Jul 2024 05:17:29 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 951
cdn-cachedat: 07/03/2024 05:17:29
alt-svc: h3=":443"; ma=86400
content-length: 11788
server: cloudflare
cdn-requestpullcode: 200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BvBIiihim7uE5CdhGVfMTL8OwR08Nb%2BgWRzOuZzV4UD9iz%2BRWDoxza1S7j95EVYPTLmuJIDOYgv%2FyClgDHlJNNLReQG1DkMmnZVaahJgmckV8ZI0Jj9MB5CcBV7EtzixNpm3lsajbkg%3D"}],"group":"cf-nel","max_age":604800}
cdn-uid: 1896b2ec-270e-4ff5-9215-88cf218c5219
cdn-requestid: 063c9f87f23c1c717e1db18a3126065c
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89d468cc8c994922-LHR
cdn-status: 200
cdn-requestpullsuccess: True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: salg.kim
URL: https://salg.kim/wp-admin/admin-ajax.php?action=se_async

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			salg.kim/	1969-12-31 23:59:59	Name: rlCached Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cfw42.rabbitloader.xyz
salg.kim
salg.kim
172.67.68.226
2a07:7800::191
06c5840ebd0b09fc7c6f6cc741e1b95fc8acadcd2533196ad3ffdbbcb5ba36c5
0cde92588b74701c0c6ac807186a90d3edf5b9c9a023d4b69ea58708a3eb2584
1173807836b626f0a0898e10046594ff5994de1f0003204d53df81dde6015c30
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
4ffa9fccee5b8d50a5ac53100922cfff87a93aa0b6c3b8b24792735ede52fb88
543536e88fce64a068a879af4918f20a8c0996b554e2c457799473f8a780b84d
5ec1f7e700f37c3d0b2981d04855fc34b94aaa15457b05ca571817442d228f81
6f803b9a4a1bcce0fc5a839db1c723dfcef3ccea7ce764c22880c937e3ab9301
773d6ed4462c07cf48b1a60527eb4b00cd86d660d33af4277e0d67708568fee1
7bb0f01cb3d7e6817a1312fab229ed5dc0259e12cd268e955d5981392aeb8dd7
8e91af245ddac803192829c145082461a15c8a0c4e66039a124eea806a6e4aa6
bba69743b3501276fc4bf7101014c735c7e6dbc46d8afa57c5b90c43b181e881
c104ec6e509c0d62b4fe78a788348f9036ea96603f92cc3808190b828160478e
f3f92efbdd98ca28cd7d6d7fd411e783268f9bfd89554dea0493adf44f18cce3

salg.kim Open in urlscan Pro 2a07:7800::191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

91 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

228 kBTransfer

441 kBSize

1 Cookies

4 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

10 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

salg.kim Open in urlscan Pro
2a07:7800::191 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

91 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

228 kB
Transfer

441 kB
Size

1
Cookies

11 HTTP transactions
4 data transactions