www.53agree.com Open in urlscan Pro
154.198.52.189 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://53agree.com/
Effective URL:
http://www.53agree.com/
Submission: On August 07 via manual (August 7th 2020, 6:50:48 pm UTC) from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 154.198.52.189, located in Johannesburg, South Africa and belongs to IKGUL-26484, US. The main domain is www.53agree.com.

This is the only time www.53agree.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	154.198.52.189 154.198.52.189	26484 (IKGUL-26484) (IKGUL-26484)
4	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
1	2606:4700:e0:... 2606:4700:e0::ac40:6227	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::681b:9b1d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	4

5 154.198.52.189 (Johannesburg, South Africa) 1 redirects

ASN26484 (IKGUL-26484, US)

53agree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.53agree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:6227 (United States)

ASN13335 (CLOUDFLARENET, US)

www.456api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::681b:9b1d (United States)

ASN13335 (CLOUDFLARENET, US)

papaxxb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	53agree.com 1 redirects 53agree.com www.53agree.com	6 KB
4	baidu.com hm.baidu.com	29 KB
1	papaxxb.com papaxxb.com
1	456api.com www.456api.com	594 B
10	4

	Domain	Requested by
4	hm.baidu.com	www.53agree.com
4	www.53agree.com	www.53agree.com
1	papaxxb.com	www.53agree.com
1	www.456api.com	www.53agree.com
1	53agree.com	1 redirects
10	5

This site contains no links.

Subject Issuer	Validity	Valid
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2020-04-02` - `2021-07-26`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-15` - `2021-07-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.53agree.com/
Frame ID: 7B89E59E933C338EACBE2B3C3C2C311E
Requests: 9 HTTP requests in this frame

Frame: https://papaxxb.com/index.html
Frame ID: 012FCD40A9A2082EF17902F5C626CF49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://53agree.com/ HTTP 301
http://www.53agree.com/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

10
Requests

50 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

35 kB
Transfer

87 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://53agree.com/ HTTP 301
http://www.53agree.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.53agree.com/
Redirect Chain

http://53agree.com/
http://www.53agree.com/

3 KB
1 KB

1372ms
377ms

Document
text/html

154.198.52.189
IKGUL-26484

General

Check archive.org

Show headers Download Go to

Full URL: http://www.53agree.com/
Protocol: HTTP/1.1
Server: 154.198.52.189 Johannesburg, South Africa, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software: nginx /
Resource Hash: 57e132dba9b4a12ebaf70c9255de09d847450e4259fc2dccb4fb665434cec90d

Request headers

Host: www.53agree.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 07 Aug 2020 10:56:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 07 Aug 2020 10:56:57 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.53agree.com/

GET
H/1.1 200
OK tj.js Show response
www.53agree.com/ 520 B
676 B 198ms
197ms Script
application/x-javascript 154.198.52.189
IKGUL-26484

General

Check archive.org

Show headers Download Go to

Full URL: http://www.53agree.com/tj.js
Requested by: Host: www.53agree.com
URL: http://www.53agree.com/
Protocol: HTTP/1.1
Server: 154.198.52.189 Johannesburg, South Africa, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software: nginx /
Resource Hash: 1af0097401480eed773c8c2ea3d886bf2cad7a90b7bc9726933631a3aed0d5a0

Request headers

Referer: http://www.53agree.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 10:56:59 GMT
Server: nginx
Connection: keep-alive
Content-Length: 520
Content-Type: application/x-javascript

GET
H/1.1 200
OK common.js Show response
www.53agree.com/ 4 KB
2 KB 397ms
377ms Script
application/x-javascript 154.198.52.189
IKGUL-26484

General

Check archive.org

Show headers Download Go to

Full URL: http://www.53agree.com/common.js
Requested by: Host: www.53agree.com
URL: http://www.53agree.com/
Protocol: HTTP/1.1
Server: 154.198.52.189 Johannesburg, South Africa, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software: nginx /
Resource Hash: 409d1c8fa86562934f94b8461dcaedc796fcd83471da6628bcdf7896f609f797

Request headers

Referer: http://www.53agree.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 10:56:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/x-javascript

GET
H/1.1 200
OK / Show response
www.53agree.com/ 3 KB
1 KB 390ms
371ms Script
text/html 154.198.52.189
IKGUL-26484

General

Check archive.org

Show headers Download Go to

Full URL: http://www.53agree.com/
Requested by: Host: www.53agree.com
URL: http://www.53agree.com/
Protocol: HTTP/1.1
Server: 154.198.52.189 Johannesburg, South Africa, ASN26484 (IKGUL-26484, US),
Reverse DNS
Software: nginx /
Resource Hash: 57e132dba9b4a12ebaf70c9255de09d847450e4259fc2dccb4fb665434cec90d

Request headers

Referer: http://www.53agree.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 10:56:59 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 38 KB
14 KB 1128ms
592ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?05d1ac2f76cd2c1686e53adaaa743973

Requested by

Host: www.53agree.com
URL: http://www.53agree.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

90934105fd55e8c61ca16606542d2ff60ea83e52fa9ab160786d066c21bed9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.53agree.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 18:50:15 GMT
Content-Encoding: gzip
Server: apache
Etag: acb7d1181d2ea9d4f07c0b5706ea1281
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13862

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 38 KB
14 KB 1137ms
606ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?5363c2a04845d04662a12554b780385e

Requested by

Host: www.53agree.com
URL: http://www.53agree.com/tj.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

a6dc397f02fffc97dd27efbb235d40649c3388e2e6bc0ecffe8f81190e860c24

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

Referer: http://www.53agree.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 18:50:15 GMT
Content-Encoding: gzip
Server: apache
Etag: f35d6d0bcc1c6e51ee4ff83f83b15ae6
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 13857

GET
H/1.1 200
OK eddata Show response
www.456api.com/index.php/Article/ 67 B
594 B 226ms
169ms XHR
application/json 2606:4700:e0::ac40:6227
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://www.456api.com/index.php/Article/eddata?zq=zq_lok&val=smplink&t=0.9266074465150911?v=01960666234809605
Requested by: Host: www.53agree.com
URL: http://www.53agree.com/common.js
Protocol: HTTP/1.1
Server: 2606:4700:e0::ac40:6227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e458d83466bd996bf63622ac9d7b7d45f272a12411fe0c6f97154ba910fd8ec

Request headers

Referer: http://www.53agree.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 18:50:14 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
CF-RAY: 5bf32e9ffc45d6e1-FRA
cf-request-id: 046bdb77fd0000d6e1ab0c6200000001

GET
H2 200 index.html
papaxxb.com/ Frame 012F 0
0 370ms
327ms Document
text/html 2606:4700:3030::681b:9b1d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://papaxxb.com/index.html
Requested by: Host: www.53agree.com
URL: http://www.53agree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::681b:9b1d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: papaxxb.com
:scheme: https
:path: /index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://www.53agree.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.53agree.com/

Response headers

status: 200
date: Fri, 07 Aug 2020 18:50:14 GMT
content-type: text/html
set-cookie: __cfduid=d70a4f957e9d767981e279b98998f73ca1596826214; expires=Sun, 06-Sep-20 18:50:14 GMT; path=/; domain=.papaxxb.com; HttpOnly; SameSite=Lax; Secure
last-modified: Fri, 07 Feb 2020 15:26:43 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 046bdb78d80000145a4a0ff200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5bf32ea15c12145a-FRA
content-encoding: br

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 368ms
367ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1071559328&si=5363c2a04845d04662a12554b780385e&v=1.2.75&lv=1&sn=406&r=0&ww=1600&ct=!!&tt=%E5%BA%86%E9%98%B3%E7%AB%A0%E5%A3%B9%E4%BC%81%E4%B8%9A%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.53agree.com
URL: http://www.53agree.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.53agree.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 18:50:15 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 355ms
354ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2050108010&si=05d1ac2f76cd2c1686e53adaaa743973&v=1.2.75&lv=1&sn=406&r=0&ww=1600&ct=!!&tt=%E5%BA%86%E9%98%B3%E7%AB%A0%E5%A3%B9%E4%BC%81%E4%B8%9A%E7%AE%A1%E7%90%86%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8

Requested by

Host: www.53agree.com
URL: http://www.53agree.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.53agree.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 18:50:16 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.53agree.com/common.js(Line 12) Message: 1
console-api	log	URL: http://www.53agree.com/common.js(Line 42) Message: 2
console-api	log	URL: http://www.53agree.com/common.js(Line 47) Message: 0*DIVshowcloneshengxiaon
console-api	log	URL: http://www.53agree.com/common.js(Line 47) Message: 1*STYLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

53agree.com
hm.baidu.com
papaxxb.com
www.456api.com
www.53agree.com
103.235.46.191
154.198.52.189
2606:4700:3030::681b:9b1d
2606:4700:e0::ac40:6227
0e458d83466bd996bf63622ac9d7b7d45f272a12411fe0c6f97154ba910fd8ec
1af0097401480eed773c8c2ea3d886bf2cad7a90b7bc9726933631a3aed0d5a0
409d1c8fa86562934f94b8461dcaedc796fcd83471da6628bcdf7896f609f797
57e132dba9b4a12ebaf70c9255de09d847450e4259fc2dccb4fb665434cec90d
90934105fd55e8c61ca16606542d2ff60ea83e52fa9ab160786d066c21bed9e5
a6dc397f02fffc97dd27efbb235d40649c3388e2e6bc0ecffe8f81190e860c24
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

www.53agree.com Open in urlscan Pro 154.198.52.189 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

10 Requests

50 %HTTPS

50 %IPv6

4 Domains

5 Subdomains

4 IPs

3 Countries

35 kBTransfer

87 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

www.53agree.com Open in urlscan Pro
154.198.52.189 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

50 %
HTTPS

50 %
IPv6

4
Domains

5
Subdomains

4
IPs

3
Countries

35 kB
Transfer

87 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions