urlscan.io logo urlscan.io
SecurityTrails logo

www.mongolia-tours.com Open in urlscan Pro
156.234.6.150  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mongolia-tours.com/js/ajax/face.php
Effective URL: http://www.mongolia-tours.com/js/ajax/face.php
Submission: On July 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 156.234.6.150, located in Central, Hong Kong and belongs to SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK. The main domain is www.mongolia-tours.com.
This is the only time www.mongolia-tours.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 156.234.6.150 136800 (SUNHK-DAT...)
6 103.235.46.191 55967 (BAIDU Bei...)
2 172.120.167.35 18779 (EGIHOSTING)
13 4
Apex Domain
Subdomains		 Transfer
6 baidu.com
hm.baidu.com — Cisco Umbrella Rank: 7790
36 KB
4 mongolia-tours.com
mongolia-tours.com
www.mongolia-tours.com
2 KB
2 selu299.xyz
api.selu299.xyz
1 KB
13 3
Domain Requested by
6 hm.baidu.com www.mongolia-tours.com
api.selu299.xyz
3 www.mongolia-tours.com www.mongolia-tours.com
2 api.selu299.xyz www.mongolia-tours.com
api.selu299.xyz
1 mongolia-tours.com 1 redirects
13 4

This site contains no links.

Subject Issuer Validity Valid
baidu.com
GlobalSign RSA OV SSL CA 2018		 2021-11-15 -
2022-08-02		 9 months crt.sh

This page contains 2 frames:

Primary Page: http://www.mongolia-tours.com/js/ajax/face.php
Frame ID: DE17DE016A64B8723C93C72ABB1F538A
Requests: 7 HTTP requests in this frame

Frame: http://api.selu299.xyz/news/data.php
Frame ID: 2E6263629FF3D1C888F6643D020E25DA
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

51排行網51排行網

Page URL History Show full URLs

  1. http://mongolia-tours.com/js/ajax/face.php HTTP 301
    http://www.mongolia-tours.com/js/ajax/face.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • hm\.baidu\.com/hm\.js

Page Statistics

13
Requests

46 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

4
IPs

2
Countries

39 kB
Transfer

92 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mongolia-tours.com/js/ajax/face.php HTTP 301
    http://www.mongolia-tours.com/js/ajax/face.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request face.php
www.mongolia-tours.com/js/ajax/
Redirect Chain
  • http://mongolia-tours.com/js/ajax/face.php
  • http://www.mongolia-tours.com/js/ajax/face.php
636 B
777 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.mongolia-tours.com/js/ajax/face.php
Protocol
HTTP/1.1
Server
156.234.6.150 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
fe50715bfb9f9e8460246ee053069180db9ec5bd9686fcfde87f68d74f6b7044

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
636
Content-Type
text/html
Date
Sun, 03 Jul 2022 11:14:55 GMT
Server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html
Date
Sun, 03 Jul 2022 11:14:54 GMT
Location
http://www.mongolia-tours.com/js/ajax/face.php
Server
nginx
common.js
www.mongolia-tours.com/ 		1 KB
967 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mongolia-tours.com/common.js
Requested by
Host: www.mongolia-tours.com
URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol
HTTP/1.1
Server
156.234.6.150 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
4fa75a8cd2a0463bc61ed42ac8db1554b1b3b59c1795e58e9fa1b794309ac474

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mongolia-tours.com/js/ajax/face.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 11:14:55 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
Vary
Accept-Encoding
Content-Type
application/x-javascript
tj.js
www.mongolia-tours.com/ 		258 B
414 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.mongolia-tours.com/tj.js
Requested by
Host: www.mongolia-tours.com
URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol
HTTP/1.1
Server
156.234.6.150 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK),
Reverse DNS
Software
nginx /
Resource Hash
f28e51e202c50c4face6eb84dcaa9f27542acfa12d8ab95336e7dd4432763525

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mongolia-tours.com/js/ajax/face.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 11:14:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
258
Content-Type
application/x-javascript
hm.js
hm.baidu.com/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?691f6750c34420497f549bfe5a7835a9
Requested by
Host: www.mongolia-tours.com
URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
416a6a7bf97b4301b59fd525789fae9659905d962b618ce63bfd2d72c3ea0095
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mongolia-tours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 11:14:50 GMT
Content-Encoding
gzip
Server
apache
Etag
285c6a1f215d478257c4bc93727eeeed
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11292
list.php
api.selu299.xyz/news/ Frame 2E62 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://api.selu299.xyz/news/list.php
Requested by
Host: www.mongolia-tours.com
URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol
HTTP/1.1
Server
172.120.167.35 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
fa5ce6635e46409b70f77d12a9f9e78226eacee77dc6467531da064358995848

Request headers

Referer
http://www.mongolia-tours.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Upgrade, close
Content-Encoding
gzip
Content-Length
810
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Jul 2022 11:14:49 GMT
Server
Apache
Upgrade
h2
Vary
Accept-Encoding
hm.js
hm.baidu.com/ 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?4633546c9d006548072ef2822f2de999
Requested by
Host: www.mongolia-tours.com
URL: http://www.mongolia-tours.com/tj.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
11eabe9cea988ec00e7f9b50819b313f15f8ee7c0f0ce376bd09f9459d1426f5
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mongolia-tours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 11:14:50 GMT
Content-Encoding
gzip
Server
apache
Etag
7bc18f873c76fe739b4f9a64cc4e64a6
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11291
hm.js
hm.baidu.com/ Frame 2E62 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hm.baidu.com/hm.js?4ec3f59cdf0aeaaf3968bfb8fe69d449
Requested by
Host: api.selu299.xyz
URL: http://api.selu299.xyz/news/list.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
feba5ecbd637c8a820d6c846ef547876f61047d82f4213dfbcc554aed90c039a
Security Headers
Name Value
Strict-Transport-Security max-age=172800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://api.selu299.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Sun, 03 Jul 2022 11:14:50 GMT
Content-Encoding
gzip
Server
apache
Etag
580d447b61487e2f3569b0f3cdeef59c
Strict-Transport-Security
max-age=172800
P3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control
max-age=0, must-revalidate
Content-Type
application/javascript
Content-Length
11299
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1141577815&si=691f6750c34420497f549bfe5a7835a9&v=1.2.94&lv=1&sn=56557&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.mongolia-tours.com%2Fjs%2Fajax%2Fface.php&tt=51%E6%8E%92%E8%A1%8C%E7%B6%B2
Requested by
Host: www.mongolia-tours.com
URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mongolia-tours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 11:14:51 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1628885403&si=4633546c9d006548072ef2822f2de999&v=1.2.94&lv=1&sn=56557&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fwww.mongolia-tours.com%2Fjs%2Fajax%2Fface.php&tt=51%E6%8E%92%E8%A1%8C%E7%B6%B2
Requested by
Host: www.mongolia-tours.com
URL: http://www.mongolia-tours.com/js/ajax/face.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://www.mongolia-tours.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 11:14:51 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
hm.gif
hm.baidu.com/ Frame 2E62 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hm.baidu.com/hm.gif?cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1045087067&si=4ec3f59cdf0aeaaf3968bfb8fe69d449&su=http%3A%2F%2Fwww.mongolia-tours.com%2F&v=1.2.94&lv=1&sn=56557&r=0&ww=1600&ct=!!&u=http%3A%2F%2Fapi.selu299.xyz%2Fnews%2Flist.php
Requested by
Host: api.selu299.xyz
URL: http://api.selu299.xyz/news/list.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=172800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://api.selu299.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 03 Jul 2022 11:14:51 GMT
X-Content-Type-Options
nosniff
Server
apache
Strict-Transport-Security
max-age=172800
Content-Type
image/gif
Cache-Control
private, max-age=0, no-cache
Content-Length
43
data.php
api.selu299.xyz/news/ Frame 2E62 		33 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
http://api.selu299.xyz/news/data.php
Requested by
Host: api.selu299.xyz
URL: http://api.selu299.xyz/news/list.php
Protocol
HTTP/1.1
Server
172.120.167.35 Santa Clara, United States, ASN18779 (EGIHOSTING, US),
Reverse DNS
Software
Apache /
Resource Hash
525ce2c9293480e9e7136749b6c8dcb7a940fa608cc862fcf90116f09365efbb

Request headers

Referer
http://api.selu299.xyz/news/list.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Upgrade, close
Content-Encoding
gzip
Content-Length
49
Content-Type
text/html; charset=UTF-8
Date
Sun, 03 Jul 2022 11:14:53 GMT
Server
Apache
Upgrade
h2
Vary
Accept-Encoding
hm.gif
hm.baidu.com/ Frame 2E62 		0
0
index.php
api.selu299.xyz/news/ Frame 2E62 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hm.baidu.com
URL
https://hm.baidu.com/hm.gif?hca=B3EABE1A4F3FC246&cc=0&ck=1&cl=24-bit&ds=1600x1200&vl=1200&ep=1680%2C1680&et=3&ja=0&ln=en-us&lo=0&rnd=1162446344&si=4ec3f59cdf0aeaaf3968bfb8fe69d449&su=http%3A%2F%2Fwww.mongolia-tours.com%2F&v=1.2.94&lv=1&sn=56557&r=0&ww=1600&u=http%3A%2F%2Fapi.selu299.xyz%2Fnews%2Flist.php
Domain
api.selu299.xyz
URL
http://api.selu299.xyz/news/index.php

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| _hmt string| titlestr function| setFrame boolean| _bdhm_loaded_691f6750c34420497f549bfe5a7835a9 object| mini_tangram_log_touy4q boolean| _bdhm_loaded_4633546c9d006548072ef2822f2de999 object| mini_tangram_log_a9jkgt

5 Cookies

Domain/Path Name / Value
.hm.baidu.com/ Name: HMACCOUNT_BFESS
Value: E9F8A8487ED09DFC
.www.mongolia-tours.com/ Name: Hm_lvt_691f6750c34420497f549bfe5a7835a9
Value: 1656846892
.www.mongolia-tours.com/ Name: Hm_lpvt_691f6750c34420497f549bfe5a7835a9
Value: 1656846892
.www.mongolia-tours.com/ Name: Hm_lvt_4633546c9d006548072ef2822f2de999
Value: 1656846892
.www.mongolia-tours.com/ Name: Hm_lpvt_4633546c9d006548072ef2822f2de999
Value: 1656846892