www.agoda.com - urlscan.io

Summary

This website contacted 6 IPs in 4 countries across 7 domains to perform 7 HTTP transactions. The main IP is 104.111.237.62, located in Amsterdam, Netherlands and belongs to AKAMAI-AS - Akamai Technologies, Inc., US. The main domain is www.agoda.com.

This is the only time www.agoda.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	116.203.98.80 116.203.98.80	24940 (HETZNER-AS) (HETZNER-AS)
2	95.213.199.15 95.213.199.15	49505 (SELECTEL) (SELECTEL)
1	208.43.18.228 208.43.18.228	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	174.36.45.250 174.36.45.250	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	174.37.19.124 174.37.19.124	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
1	104.111.237.62 104.111.237.62	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
7	6

1 116.203.98.80 (Ahmedabad, India)

ASN24940 (HETZNER-AS, DE)
PTR: static.80.98.203.116.clients.your-server.de

creativehobby.store	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.213.199.15 (Russian Federation)

ASN49505 (SELECTEL, RU)
PTR: mail3.hrabr.com

vivelavidablog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesourcebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.43.18.228 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: e4.12.2bd0.ip4.static.sl-reverse.com

trkur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.36.45.250 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: fa.2d.24ae.ip4.static.sl-reverse.com

pfpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.37.19.124 (Dallas, United States)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: 7c.13.25ae.ip4.static.sl-reverse.com

pftrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.237.62 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-237-62.deploy.static.akamaitechnologies.com

www.agoda.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	agoda.com www.agoda.com	613 B
1	pftrk.com pftrk.com	281 B
1	pfpixel.com pfpixel.com	280 B
1	trkur.com trkur.com	673 B
1	onesourcebook.com onesourcebook.com	98 KB
1	vivelavidablog.com vivelavidablog.com	695 B
1	creativehobby.store creativehobby.store	527 B
7	7

	Domain	Requested by
1	www.agoda.com
1	pftrk.com	trkur.com
1	pfpixel.com	trkur.com
1	trkur.com
1	onesourcebook.com	vivelavidablog.com
1	vivelavidablog.com
1	creativehobby.store
7	7

This site contains no links.

Subject Issuer	Validity	Valid
www.pfpixel.com RapidSSL RSA CA 2018	`2019-02-04` - `2020-03-05`	a year	crt.sh
pftrk.com RapidSSL RSA CA 2018	`2018-12-17` - `2020-01-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://www.agoda.com/%LANG%?cid=1648785&tag=183669
Frame ID: 6FF18FCDC1BF0DB471B8D8E2D97317D6
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://creativehobby.store/roorkee_india_map.php Page URL
http://vivelavidablog.com/booking.php?title=roorkee%20india%20map Page URL
http://trkur.com/183669/15951?s1=wphotel Page URL
http://www.agoda.com/%LANG%?cid=1648785&tag=183669 Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

7
Requests

29 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

101 kB
Transfer

99 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://creativehobby.store/roorkee_india_map.php Page URL
http://vivelavidablog.com/booking.php?title=roorkee%20india%20map Page URL
http://trkur.com/183669/15951?s1=wphotel Page URL
http://www.agoda.com/%LANG%?cid=1648785&tag=183669 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	roorkee_india_map.php Show response creativehobby.store/	105 B 527 B	107ms 76ms	Document text/html	116.203.98.80 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL http://creativehobby.store/roorkee_india_map.php Protocol HTTP/1.1 Server 116.203.98.80 Ahmedabad, India, ASN24940 (HETZNER-AS, DE), Reverse DNS static.80.98.203.116.clients.your-server.de Software Apache/2.4.29 (Ubuntu) / Resource Hash `b3867b2541c2a7b3e00d6db6604b4dfdc6058b893ee74885a75bdb70c498cd7d` Request headers Host creativehobby.store Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 18 Mar 2019 10:04:43 GMT Server Apache/2.4.29 (Ubuntu) Expires Wed, 11 Jan 1984 05:00:00 GMT Cache-Control no-cache, must-revalidate, max-age=0 Link <http://creativehobby.store/wp-json/>; rel="https://api.w.org/" Vary Accept-Encoding Content-Encoding gzip Content-Length 111 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	booking.php Show response vivelavidablog.com/	633 B 695 B	108ms 37ms	Document text/html	95.213.199.15 SELECTEL
General Check archive.org Show headers Download Go to Full URL http://vivelavidablog.com/booking.php?title=roorkee%20india%20map Protocol HTTP/1.1 Server 95.213.199.15 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS mail3.hrabr.com Software Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.27 Resource Hash `677afbad84d95d6786b28046eb56f5a68751a27ced7a5101deb24ec06037faf3` Request headers Host vivelavidablog.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://creativehobby.store/roorkee_india_map.php Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://creativehobby.store/roorkee_india_map.php Response headers Date Mon, 18 Mar 2019 10:03:57 GMT Server Apache/2.4.7 (Ubuntu) X-Powered-By PHP/5.5.9-1ubuntu4.27 Vary Accept-Encoding Content-Encoding gzip Content-Length 422 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html
GET H/1.1	200 OK	load.gif onesourcebook.com/	98 KB 98 KB	264ms 38ms	Image image/gif	95.213.199.15 SELECTEL
General Check archive.org Show headers Download Go to Show image Full URL http://onesourcebook.com/load.gif Requested by Host: vivelavidablog.com URL: http://vivelavidablog.com/booking.php?title=roorkee%20india%20map Protocol HTTP/1.1 Server 95.213.199.15 , Russian Federation, ASN49505 (SELECTEL, RU), Reverse DNS mail3.hrabr.com Software Apache/2.4.7 (Ubuntu) / Resource Hash `840dcf916209b812061665131c080b5e2c8e80328e2441e13dc71396a354783d` Request headers Referer http://vivelavidablog.com/booking.php?title=roorkee%20india%20map User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Mon, 18 Mar 2019 10:03:58 GMT Last-Modified Mon, 11 Mar 2019 14:47:37 GMT Server Apache/2.4.7 (Ubuntu) ETag "186f2-583d2a7509440" Content-Type image/gif Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 100082
GET H/1.1	200 OK	15951 Show response trkur.com/183669/	708 B 673 B	317ms 153ms	Document text/html	208.43.18.228 SoftLayer Technol...
General Check archive.org Show headers Download Go to Full URL http://trkur.com/183669/15951?s1=wphotel Protocol HTTP/1.1 Server 208.43.18.228 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US), Reverse DNS e4.12.2bd0.ip4.static.sl-reverse.com Software LiteSpeed / PHP/5.3.27 Resource Hash `877ce780a274d2c7b201edd3aface45eb11341ffa2d3baaa475c1715402f06cc` Request headers Host trkur.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://vivelavidablog.com/booking.php?title=roorkee%20india%20map Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://vivelavidablog.com/booking.php?title=roorkee%20india%20map Response headers X-Powered-By PHP/5.3.27 Cache-Control no-cache Pragma no-cache Content-Type text/html; charset=utf-8 Content-Length 380 Content-Encoding gzip Vary Accept-Encoding Date Mon, 18 Mar 2019 10:04:47 GMT Accept-Ranges bytes Server LiteSpeed Connection close
GET H2	200	2547202283.js Show response pfpixel.com/t/15951/	0 280 B	1420ms 131ms	Script text/html	174.36.45.250 SoftLayer Technol...
General Check archive.org Show headers Download Go to Full URL https://pfpixel.com/t/15951/2547202283.js Requested by Host: trkur.com URL: http://trkur.com/183669/15951?s1=wphotel Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.36.45.250 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US), Reverse DNS fa.2d.24ae.ip4.static.sl-reverse.com Software LiteSpeed / PHP/5.3.27 Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://trkur.com/183669/15951?s1=wphotel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2019 10:04:49 GMT server LiteSpeed x-powered-by PHP/5.3.27 content-type text/html status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	2547202283.js pftrk.com/t/15951/	0 281 B	3525ms 231ms	Script text/html	174.37.19.124 SoftLayer Technol...
General Check archive.org Show headers Download Go to Full URL https://pftrk.com/t/15951/2547202283.js Requested by Host: trkur.com URL: http://trkur.com/183669/15951?s1=wphotel Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 174.37.19.124 Dallas, United States, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US), Reverse DNS 7c.13.25ae.ip4.static.sl-reverse.com Software LiteSpeed / PHP/5.3.27 Resource Hash Request headers Referer http://trkur.com/183669/15951?s1=wphotel User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Mon, 18 Mar 2019 10:04:51 GMT server LiteSpeed x-powered-by PHP/5.3.27 content-type text/html status 200 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="35,37,38,39" content-length 0 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	400 Bad Request	Primary Request Cookie set %LANG% Show response www.agoda.com/	324 B 613 B	104ms 41ms	Document text/html	104.111.237.62 Akamai Technologies
General Check archive.org Show headers Download Go to Full URL http://www.agoda.com/%LANG%?cid=1648785&tag=183669 Protocol HTTP/1.1 Server 104.111.237.62 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US), Reverse DNS a104-111-237-62.deploy.static.akamaitechnologies.com Software Microsoft-HTTPAPI/2.0 / Resource Hash `14c08afc15e276b96c48de6598e86fcc933f3b105a2a18667d395d82c1ea97d5` Request headers Host www.agoda.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Referer http://trkur.com/183669/15951?s1=wphotel Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://trkur.com/183669/15951?s1=wphotel Response headers Content-Type text/html; charset=us-ascii Server Microsoft-HTTPAPI/2.0 X-Cnection close Content-Length 324 Vary User-Agent, Accept-Encoding Date Mon, 18 Mar 2019 10:04:51 GMT Connection keep-alive Set-Cookie amsnew=www.agoda.com_cluster_g;Path=/

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.agoda.com/	1969-12-31 23:59:59	Name: amsnew Value: www.agoda.com_cluster_g

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

creativehobby.store
onesourcebook.com
pfpixel.com
pftrk.com
trkur.com
vivelavidablog.com
www.agoda.com
104.111.237.62
116.203.98.80
174.36.45.250
174.37.19.124
208.43.18.228
95.213.199.15
14c08afc15e276b96c48de6598e86fcc933f3b105a2a18667d395d82c1ea97d5
677afbad84d95d6786b28046eb56f5a68751a27ced7a5101deb24ec06037faf3
840dcf916209b812061665131c080b5e2c8e80328e2441e13dc71396a354783d
877ce780a274d2c7b201edd3aface45eb11341ffa2d3baaa475c1715402f06cc
b3867b2541c2a7b3e00d6db6604b4dfdc6058b893ee74885a75bdb70c498cd7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

www.agoda.com Open in urlscan Pro 104.111.237.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

29 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

6 IPs

4 Countries

101 kBTransfer

99 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

1 Cookies

Indicators

www.agoda.com Open in urlscan Pro
104.111.237.62 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

29 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

4
Countries

101 kB
Transfer

99 kB
Size

1
Cookies

7 HTTP transactions
0 data transactions