www.keangdom.com Open in urlscan Pro
107.148.100.140 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://keangdom.com/
Effective URL:
http://www.keangdom.com/index.php
Submission: On February 20 via manual (February 20th 2023, 9:03:16 am UTC) from SG — Scanned from SG

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 6 domains to perform 12 HTTP transactions. The main IP is 107.148.100.140, located in United States and belongs to PEGTECHINC-AP-03, US. The main domain is www.keangdom.com.

This is the only time www.keangdom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 4	107.148.100.140 107.148.100.140	398993 (PEGTECHIN...) (PEGTECHINC-AP-03)
2	121.54.163.59 121.54.163.59	132839 (POWERLINE...) (POWERLINE-AS-AP POWER LINE DATACENTER)
1	202.95.22.39 202.95.22.39	64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN)
12	4

4 107.148.100.140 (United States) 1 redirects

ASN398993 (PEGTECHINC-AP-03, US)

keangdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.keangdom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.54.163.59 (Hong Kong)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)

www.2022smtjs-01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.95.22.39 (Shatin, Hong Kong)

ASN64050 (BCPL-SG BGPNET Global ASN, SG)

202.95.22.39	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	keangdom.com 1 redirects keangdom.com www.keangdom.com	2 KB
2	2022smtjs-01.com www.2022smtjs-01.com	2 KB
0	mm7ddwexc.com Failed ihtest.mm7ddwexc.com Failed
0	openinstall.io Failed web.cdn.openinstall.io Failed
0	Failed function sub() { [native code] }. Failed
0	baidu.com Failed hm.baidu.com Failed
12	6

	Domain	Requested by
3	www.keangdom.com	www.keangdom.com
2	www.2022smtjs-01.com	www.keangdom.com www.2022smtjs-01.com
1	keangdom.com	1 redirects
0	ihtest.mm7ddwexc.com Failed	202.95.22.39
0	web.cdn.openinstall.io Failed	202.95.22.39
0	202.95.22.39 Failed	202.95.22.39
0	hm.baidu.com Failed	www.keangdom.com
12	7

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://www.keangdom.com/index.php
Frame ID: 3D063CBA2AC22E61FCA8295272D17FB6
Requests: 6 HTTP requests in this frame

Frame: http://202.95.22.39:26539/sebo.html
Frame ID: 8350D5B41E1B8753766211905C4C7FD4
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://keangdom.com/ HTTP 301
http://www.keangdom.com/index.php Page URL

Page Statistics

12
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

2
Countries

4 kB
Transfer

31 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://keangdom.com/ HTTP 301
http://www.keangdom.com/index.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index.php Show response www.keangdom.com/ Redirect Chain http://keangdom.com/ http://www.keangdom.com/index.php	1 KB 714 B	723ms 86ms	Document text/html	107.148.100.140 PEGTECHINC-AP-03
General Check archive.org Show headers Download Go to Full URL http://www.keangdom.com/index.php Protocol HTTP/1.1 Server 107.148.100.140 , United States, ASN398993 (PEGTECHINC-AP-03, US), Reverse DNS Software nginx / Resource Hash `857924d97ecbc1d2700a71682c8d8060f8b4cdc2b55cd69b4eee56e5d47f2729` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 20 Feb 2023 09:02:35 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding Redirect headers Connection keep-alive Content-Length 0 Content-Type text/html Date Mon, 20 Feb 2023 09:02:34 GMT Location http://www.keangdom.com/index.php Server nginx
GET H/1.1	200 OK	common.js Show response www.keangdom.com/	112 B 268 B	100ms 100ms	Script application/x-javascript	107.148.100.140 PEGTECHINC-AP-03
General Check archive.org Show headers Download Go to Full URL http://www.keangdom.com/common.js Requested by Host: www.keangdom.com URL: http://www.keangdom.com/index.php Protocol HTTP/1.1 Server 107.148.100.140 , United States, ASN398993 (PEGTECHINC-AP-03, US), Reverse DNS Software nginx / Resource Hash `eb60ef5539eabd97835d587d51913fa2058c3050f21447a4219be9c7c52e1c9f` Request headers accept-language zh-SG,zh;q=0.9 Referer http://www.keangdom.com/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 09:02:35 GMT Server nginx Connection keep-alive Content-Length 112 Content-Type application/x-javascript
GET H/1.1	200 OK	tj.js Show response www.keangdom.com/	258 B 414 B	179ms 90ms	Script application/x-javascript	107.148.100.140 PEGTECHINC-AP-03
General Check archive.org Show headers Download Go to Full URL http://www.keangdom.com/tj.js Requested by Host: www.keangdom.com URL: http://www.keangdom.com/index.php Protocol HTTP/1.1 Server 107.148.100.140 , United States, ASN398993 (PEGTECHINC-AP-03, US), Reverse DNS Software nginx / Resource Hash `ff3f43fab6c92f779618dd0ef4757b9de5754f25cedba149f6f26beb37506437` Request headers accept-language zh-SG,zh;q=0.9 Referer http://www.keangdom.com/index.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Date Mon, 20 Feb 2023 09:02:35 GMT Server nginx Connection keep-alive Content-Length 258 Content-Type application/x-javascript
GET H/1.1	200 OK	01smt.js Show response www.2022smtjs-01.com/js/	4 KB 2 KB	805ms 37ms	Script application/javascript	121.54.163.59 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://www.2022smtjs-01.com/js/01smt.js Requested by Host: www.keangdom.com URL: http://www.keangdom.com/common.js Protocol HTTP/1.1 Server 121.54.163.59 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `60fd222564232da0ac6fc034eba6e512ada7eb6f7e1852a9d6784ff3c6a82805` Request headers Referer http://www.keangdom.com/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Mon, 20 Feb 2023 09:02:37 GMT Content-Encoding gzip Last-Modified Sun, 15 May 2022 13:25:43 GMT Server nginx ETag W/"6280ff57-f2f" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Mon, 20 Feb 2023 21:02:37 GMT
GET H/1.1	200 OK	smt_data.php Show response www.2022smtjs-01.com/lb/	74 B 287 B	73ms 37ms	XHR application/json	121.54.163.59 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://www.2022smtjs-01.com/lb/smt_data.php?zq=smt&val=smplink&t=0.8649251121458028?v=0985552650287097 Requested by Host: www.2022smtjs-01.com URL: http://www.2022smtjs-01.com/js/01smt.js Protocol HTTP/1.1 Server 121.54.163.59 , Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `36b62aac5ae71e3c5390127d33f27b8e5b8cebb16cd2bf0a5790cb3ce459848f` Request headers accept-language zh-SG,zh;q=0.9 Referer http://www.keangdom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 20 Feb 2023 09:02:37 GMT Server nginx Connection keep-alive Transfer-Encoding chunked Content-Type application/json; charset=utf-8
GET		hm.js hm.baidu.com/	0 0

GET H/1.1	200 OK	sebo.html 202.95.22.39/ Frame 8350	25 KB 0	87ms 46ms	Document text/html	202.95.22.39 BCPL-SG BGPNET Gl...
General Check archive.org Show headers Download Go to Full URL http://202.95.22.39:26539/sebo.html Requested by Host: www.keangdom.com URL: http://www.keangdom.com/index.php Protocol HTTP/1.1 Server 202.95.22.39 Shatin, Hong Kong, ASN64050 (BCPL-SG BGPNET Global ASN, SG), Reverse DNS Software nginx / Resource Hash Request headers Referer http://www.keangdom.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Mon, 20 Feb 2023 09:02:37 GMT ETag W/"63f208ce-3efca" Last-Modified Sun, 19 Feb 2023 11:32:30 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET		jquery.js 202.95.22.39/static/js/ Frame 8350	0 0

GET		js.js 202.95.22.39/static/js/ Frame 8350	0 0

GET		openinstall.js web.cdn.openinstall.io/ Frame 8350	0 0

POST		instatll ihtest.mm7ddwexc.com/ Frame 8350	0 0

OPTIONS		instatll ihtest.mm7ddwexc.com/ Frame	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hm.baidu.com
URL: https://hm.baidu.com/hm.js?d62f5d2fc8fdf583c0b4cc7178ab4258

Domain: 202.95.22.39
URL: http://202.95.22.39:26539/static/js/jquery.js

Domain: 202.95.22.39
URL: http://202.95.22.39:26539/static/js/js.js

Domain: web.cdn.openinstall.io
URL: https://web.cdn.openinstall.io/openinstall.js

Domain: ihtest.mm7ddwexc.com
URL: https://ihtest.mm7ddwexc.com/instatll?tag=Yumeng

Domain: ihtest.mm7ddwexc.com
URL: https://ihtest.mm7ddwexc.com/instatll?tag=Yumeng

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.www.keangdom.com/	1970-01-20 09:48:33	Name: frmcookie Value: 1
			.hm.baidu.com/	1970-01-20 19:24:03	Name: HMACCOUNT_BFESS Value: 8C378D1FB7102D6E

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://www.keangdom.com/common.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.2022smtjs-01.com/js/01smt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://www.keangdom.com/common.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://www.2022smtjs-01.com/js/01smt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

202.95.22.39
hm.baidu.com
ihtest.mm7ddwexc.com
keangdom.com
web.cdn.openinstall.io
www.2022smtjs-01.com
www.keangdom.com
202.95.22.39
hm.baidu.com
ihtest.mm7ddwexc.com
web.cdn.openinstall.io
107.148.100.140
121.54.163.59
202.95.22.39
36b62aac5ae71e3c5390127d33f27b8e5b8cebb16cd2bf0a5790cb3ce459848f
60fd222564232da0ac6fc034eba6e512ada7eb6f7e1852a9d6784ff3c6a82805
857924d97ecbc1d2700a71682c8d8060f8b4cdc2b55cd69b4eee56e5d47f2729
eb60ef5539eabd97835d587d51913fa2058c3050f21447a4219be9c7c52e1c9f
ff3f43fab6c92f779618dd0ef4757b9de5754f25cedba149f6f26beb37506437

www.keangdom.com Open in urlscan Pro 107.148.100.140 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

12 Requests

0 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

4 IPs

2 Countries

4 kBTransfer

31 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

2 Cookies

2 Console Messages

Indicators

www.keangdom.com Open in urlscan Pro
107.148.100.140 Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

0 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

4
IPs

2
Countries

4 kB
Transfer

31 kB
Size

2
Cookies

12 HTTP transactions
0 data transactions