ksbofang.com Open in urlscan Pro
27.102.127.158 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mongolia-tours.com/js/ajax/face.php
Effective URL:
http://ksbofang.com/ksbofang.html?ok
Submission: On June 25 via api (June 25th 2022, 1:02:08 am UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 27.102.127.158, located in Korea, Republic Of and belongs to DAOU-AS-KR DAOU TECHNOLOGY, KR. The main domain is ksbofang.com.

This is the only time ksbofang.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	156.234.6.150 156.234.6.150	136800 (SUNHK-DAT...) (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone)
5	27.102.127.158 27.102.127.158	45996 (DAOU-AS-K...) (DAOU-AS-KR DAOU TECHNOLOGY)
1	14.17.102.110 14.17.102.110	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	183.131.207.66 183.131.207.66	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
11	5

4 156.234.6.150 (Central, Hong Kong) 1 redirects

ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK)

mongolia-tours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mongolia-tours.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 27.102.127.158 (Korea, Republic Of)

ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR)

ksbofang.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.17.102.110 (China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

js.users.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.131.207.66 (China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

ia.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	ksbofang.com ksbofang.com	555 KB
4	mongolia-tours.com 1 redirects mongolia-tours.com www.mongolia-tours.com	1 KB
2	51.la js.users.51.la — Cisco Umbrella Rank: 60541 ia.51.la — Cisco Umbrella Rank: 53210	3 KB
0	baidu.com Failed hm.baidu.com Failed
11	4

	Domain	Requested by
5	ksbofang.com	www.mongolia-tours.com ksbofang.com
3	www.mongolia-tours.com	www.mongolia-tours.com
1	ia.51.la	ksbofang.com
1	js.users.51.la	ksbofang.com
1	mongolia-tours.com	1 redirects
0	hm.baidu.com Failed	www.mongolia-tours.com
11	6

This site contains no links.

Subject Issuer	Validity	Valid
*.users.51.la GlobalSign GCC R3 DV TLS CA 2020	`2022-03-29` - `2023-04-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://ksbofang.com/ksbofang.html?ok
Frame ID: 356A552CFCB1058EAA40107FB0F7C32D
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://mongolia-tours.com/js/ajax/face.php HTTP 301
http://www.mongolia-tours.com/js/ajax/face.php Page URL
http://ksbofang.com/ksbofang.html?ok Page URL

Page Statistics

11
Requests

9 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

559 kB
Transfer

559 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mongolia-tours.com/js/ajax/face.php HTTP 301
http://www.mongolia-tours.com/js/ajax/face.php Page URL
http://ksbofang.com/ksbofang.html?ok Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://mongolia-tours.com/js/ajax/face.php HTTP 301
http://www.mongolia-tours.com/js/ajax/face.php

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	face.php Show response www.mongolia-tours.com/js/ajax/ Redirect Chain http://mongolia-tours.com/js/ajax/face.php http://www.mongolia-tours.com/js/ajax/face.php	636 B 777 B	906ms 229ms	Document text/html	156.234.6.150 HongKong Backbone
General Check archive.org Show headers Download Go to Full URL http://www.mongolia-tours.com/js/ajax/face.php Protocol HTTP/1.1 Server 156.234.6.150 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK), Reverse DNS Software nginx / Resource Hash `fe50715bfb9f9e8460246ee053069180db9ec5bd9686fcfde87f68d74f6b7044` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Length 636 Content-Type text/html Date Sat, 25 Jun 2022 01:02:04 GMT Server nginx Redirect headers Connection keep-alive Content-Length 0 Content-Type text/html Date Sat, 25 Jun 2022 01:02:03 GMT Location http://www.mongolia-tours.com/js/ajax/face.php Server nginx
GET H/1.1	200 OK	common.js www.mongolia-tours.com/	65 B 220 B	247ms 247ms	Script application/x-javascript	156.234.6.150 HongKong Backbone
General Check archive.org Show headers Download Go to Full URL http://www.mongolia-tours.com/common.js Requested by Host: www.mongolia-tours.com URL: http://www.mongolia-tours.com/js/ajax/face.php Protocol HTTP/1.1 Server 156.234.6.150 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK), Reverse DNS Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://www.mongolia-tours.com/js/ajax/face.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 25 Jun 2022 01:02:05 GMT Server nginx Connection keep-alive Content-Length 65 Content-Type application/x-javascript
GET H/1.1	200 OK	tj.js Show response www.mongolia-tours.com/	0 154 B	237ms 237ms	Script application/x-javascript	156.234.6.150 HongKong Backbone
General Check archive.org Show headers Download Go to Full URL http://www.mongolia-tours.com/tj.js Requested by Host: www.mongolia-tours.com URL: http://www.mongolia-tours.com/js/ajax/face.php Protocol HTTP/1.1 Server 156.234.6.150 Central, Hong Kong, ASN136800 (SUNHK-DATA-AS-AP Sun Network Hong Kong Limited - HongKong Backbone, HK), Reverse DNS Software nginx / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://www.mongolia-tours.com/js/ajax/face.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 25 Jun 2022 01:02:05 GMT Server nginx Connection keep-alive Content-Length 0 Content-Type application/x-javascript
GET		hm.js hm.baidu.com/	0 0

GET H/1.1	200 OK	Primary Request ksbofang.html Show response ksbofang.com/	1 KB 983 B	595ms 280ms	Document text/html	27.102.127.158 DAOU-AS-KR DAOU T...
General Check archive.org Show headers Download Go to Full URL http://ksbofang.com/ksbofang.html?ok Requested by Host: www.mongolia-tours.com URL: http://www.mongolia-tours.com/common.js Protocol HTTP/1.1 Server 27.102.127.158 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR), Reverse DNS Software nginx / Resource Hash `b29e2b0c7cf71bcf15f8349ad418490b1b890fe1ecb24af920bda2458ca4a980` Request headers Referer http://www.mongolia-tours.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 25 Jun 2022 00:59:54 GMT ETag W/"62b5ea1d-480" Last-Modified Fri, 24 Jun 2022 16:45:17 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	21277729.js Show response js.users.51.la/	5 KB 3 KB	814ms 282ms	Script application/javascript	14.17.102.110 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL https://js.users.51.la/21277729.js Requested by Host: ksbofang.com URL: http://ksbofang.com/ksbofang.html?ok Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 14.17.102.110 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software openresty / Resource Hash `5f838d8ecbd92948736ae770d0e0d0b77be3865636fe8859ae6616bed0e70ccc` Request headers accept-language de-DE,de;q=0.9 Referer http://ksbofang.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 25 Jun 2022 01:02:02 GMT Content-Encoding gzip Server openresty Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=360000 Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	200 OK	753.png ksbofang.com/	964 B 1 KB	280ms 279ms	Image image/png	27.102.127.158 DAOU-AS-KR DAOU T...
General Check archive.org Show headers Download Go to Show image Full URL http://ksbofang.com/753.png Requested by Host: ksbofang.com URL: http://ksbofang.com/ksbofang.html?ok Protocol HTTP/1.1 Server 27.102.127.158 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR), Reverse DNS Software nginx / Resource Hash `169c6975c459a37a2c085b55b93e27104ec0297261d8a9377b3783acb1e3b3c5` Request headers accept-language de-DE,de;q=0.9 Referer http://ksbofang.com/ksbofang.html?ok User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 25 Jun 2022 00:59:54 GMT Last-Modified Fri, 24 Jun 2022 16:45:17 GMT Server nginx ETag "62b5ea1d-3c4" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 964 Expires Mon, 25 Jul 2022 00:59:54 GMT
GET H/1.1	200 OK	4.png ksbofang.com/	186 KB 186 KB	281ms 279ms	Image image/png	27.102.127.158 DAOU-AS-KR DAOU T...
General Check archive.org Show headers Download Go to Show image Full URL http://ksbofang.com/4.png Requested by Host: ksbofang.com URL: http://ksbofang.com/ksbofang.html?ok Protocol HTTP/1.1 Server 27.102.127.158 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR), Reverse DNS Software nginx / Resource Hash `4ed2ca0ffbb62abf8afc307c93751aaf8b7bf5083a18439fc23326af5162351a` Request headers accept-language de-DE,de;q=0.9 Referer http://ksbofang.com/ksbofang.html?ok User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 25 Jun 2022 00:59:54 GMT Last-Modified Tue, 14 Jun 2022 17:04:38 GMT Server nginx ETag "62a8bfa6-2e7f6" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 190454 Expires Mon, 25 Jul 2022 00:59:54 GMT
GET H/1.1	200 OK	3.png ksbofang.com/	180 KB 181 KB	293ms 292ms	Image image/png	27.102.127.158 DAOU-AS-KR DAOU T...
General Check archive.org Show headers Download Go to Show image Full URL http://ksbofang.com/3.png Requested by Host: ksbofang.com URL: http://ksbofang.com/ksbofang.html?ok Protocol HTTP/1.1 Server 27.102.127.158 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR), Reverse DNS Software nginx / Resource Hash `030755f6c02f91f12ace0e89abe80c8dec74d698d2efebefbda43c40d9e51d4a` Request headers accept-language de-DE,de;q=0.9 Referer http://ksbofang.com/ksbofang.html?ok User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 25 Jun 2022 00:59:55 GMT Last-Modified Tue, 14 Jun 2022 17:04:42 GMT Server nginx ETag "62a8bfaa-2d154" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 184660 Expires Mon, 25 Jul 2022 00:59:55 GMT
GET H/1.1	200 OK	1.png ksbofang.com/	185 KB 186 KB	559ms 279ms	Image image/png	27.102.127.158 DAOU-AS-KR DAOU T...
General Check archive.org Show headers Download Go to Show image Full URL http://ksbofang.com/1.png Requested by Host: ksbofang.com URL: http://ksbofang.com/ksbofang.html?ok Protocol HTTP/1.1 Server 27.102.127.158 , Korea, Republic Of, ASN45996 (DAOU-AS-KR DAOU TECHNOLOGY, KR), Reverse DNS Software nginx / Resource Hash `f4f21488d0d06cb346b08763516fb175525d0180fcd509d1c2f663cd732f7d93` Request headers accept-language de-DE,de;q=0.9 Referer http://ksbofang.com/ksbofang.html?ok User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 25 Jun 2022 00:59:55 GMT Last-Modified Tue, 14 Jun 2022 17:04:40 GMT Server nginx ETag "62a8bfa8-2e4ee" Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Accept-Ranges bytes Content-Length 189678 Expires Mon, 25 Jul 2022 00:59:55 GMT
GET H/1.1	200	go1 ia.51.la/	0 215 B	908ms 310ms	Image text/plain	183.131.207.66 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Show image Full URL http://ia.51.la/go1?id=21277729&rt=1656118923173&rl=16001200&lang=en-US&ct=unknow&pf=1&ins=1&vd=1&ce=1&cd=24&ds=&ing=1&ekc=&sid=1656118923173&tt=&kw=&cu=http%253A%252F%252Fksbofang.com%252Fksbofang.html%253Fok&pu=http%253A%252F%252Fwww.mongolia-tours.com%252F Requested by* Host: ksbofang.com URL: http://ksbofang.com/ksbofang.html?ok Protocol HTTP/1.1 Server 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software CloudWAF / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://ksbofang.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Sat, 25 Jun 2022 01:02:04 GMT Server CloudWAF Connection keep-alive Content-Length 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.js?691f6750c34420497f549bfe5a7835a9

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ksbofang.com/	1969-12-31 23:59:59	Name: __tins__21277729 Value: %7B%22sid%22%3A%201656118923173%2C%20%22vd%22%3A%201%2C%20%22expires%22%3A%201656120723173%7D
ksbofang.com/	1969-12-31 23:59:59	Name: __51cke__ Value:
ksbofang.com/	1969-12-31 23:59:59	Name: __51laig__ Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm.baidu.com
ia.51.la
js.users.51.la
ksbofang.com
mongolia-tours.com
www.mongolia-tours.com
hm.baidu.com
14.17.102.110
156.234.6.150
183.131.207.66
27.102.127.158
030755f6c02f91f12ace0e89abe80c8dec74d698d2efebefbda43c40d9e51d4a
169c6975c459a37a2c085b55b93e27104ec0297261d8a9377b3783acb1e3b3c5
4ed2ca0ffbb62abf8afc307c93751aaf8b7bf5083a18439fc23326af5162351a
5f838d8ecbd92948736ae770d0e0d0b77be3865636fe8859ae6616bed0e70ccc
b29e2b0c7cf71bcf15f8349ad418490b1b890fe1ecb24af920bda2458ca4a980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4f21488d0d06cb346b08763516fb175525d0180fcd509d1c2f663cd732f7d93
fe50715bfb9f9e8460246ee053069180db9ec5bd9686fcfde87f68d74f6b7044

ksbofang.com Open in urlscan Pro 27.102.127.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

11 Requests

9 %HTTPS

0 %IPv6

4 Domains

6 Subdomains

5 IPs

3 Countries

559 kBTransfer

559 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

3 Cookies

Indicators

ksbofang.com Open in urlscan Pro
27.102.127.158 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

9 %
HTTPS

0 %
IPv6

4
Domains

6
Subdomains

5
IPs

3
Countries

559 kB
Transfer

559 kB
Size

3
Cookies

11 HTTP transactions
0 data transactions