t.spl4cn.com - urlscan.io

Summary

This website contacted 2 IPs in 3 countries across 3 domains to perform 5 HTTP transactions. The main IP is 118.31.158.62, located in Hangzhou, China and belongs to CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN. The main domain is t.spl4cn.com.

This is the only time t.spl4cn.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2620:101:2005... 2620:101:2005:11f0::1001	16417 (IRONPORT-...) (IRONPORT-SYSTEMS-INC - Cisco Systems Ironport Division)
2	118.31.158.62 118.31.158.62	37963 (CNNIC-ALI...) (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.)
3	91.190.170.48 91.190.170.48	31688 (SPLIO-AS) (SPLIO-AS)
5	2

1 2620:101:2005:11f0::1001 (United States) 1 redirects

ASN16417 (IRONPORT-SYSTEMS-INC - Cisco Systems Ironport Division, US)

secure-web.cisco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 118.31.158.62 (Hangzhou, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)

t.spl4cn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.190.170.48 (France)

ASN31688 (SPLIO-AS, FR)
PTR: www.splio4.com

splio4.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	splio4.com splio4.com	61 KB
2	spl4cn.com t.spl4cn.com	2 KB
1	cisco.com 1 redirects secure-web.cisco.com	302 B
5	3

	Domain	Requested by
3	splio4.com	t.spl4cn.com
2	t.spl4cn.com
1	secure-web.cisco.com	1 redirects
5	3

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://t.spl4cn.com/abo4/7DAHJ0Ony/mail.unitec.mx/d%27ojedanu/48949699/754964031.html?lang=mx
Frame ID: F3A320C6F0D6A5CF928E02B970AC8806
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://secure-web.cisco.com/1vyi-okAI5AiV01fvE8AYO41l8nqUDacZTd7mUxghd6Kx8uxWs4dM4YbuEYDyylEM2ma9BHumd73... HTTP 302
http://t.spl4cn.com/l2/7DAHJ0Ony25/48949699/754964031.html Page URL
http://t.spl4cn.com/abo4/7DAHJ0Ony/mail.unitec.mx/d%27ojedanu/48949699/754964031.html?lang=mx Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

5
Requests

0 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

63 kB
Transfer

63 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure-web.cisco.com/1vyi-okAI5AiV01fvE8AYO41l8nqUDacZTd7mUxghd6Kx8uxWs4dM4YbuEYDyylEM2ma9BHumd73GmiMD7aDVU2a7X5sVqMfaLfOqKnqUYpNHoVqAJSOh-fwPmyUxNGkj5rrB16Ir_vr7fw2vYAxTdp_caMrKiOl3lJLnZIz6WRShRFv1GEg9MV0uBlLBrDI_zCn1rQg0y2hJlCbP2DbXgzxDADwpyV2TlAL0wxKz1Y02vYHWUHdckefGt_KIhRTnyt1tziN01JFJIYkyPV7vh3SDy2vrTJ8bmM_LdwaDFNI-zo6pcWqFgrh-HDGTy6vPivVBeW8QVst4aggyAFxe7Q/http%3A%2F%2Ft.spl4cn.com%2Fl2%2F7DAHJ0Ony25%2F48949699%2F754964031.html HTTP 302
http://t.spl4cn.com/l2/7DAHJ0Ony25/48949699/754964031.html Page URL
http://t.spl4cn.com/abo4/7DAHJ0Ony/mail.unitec.mx/d%27ojedanu/48949699/754964031.html?lang=mx Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://secure-web.cisco.com/1vyi-okAI5AiV01fvE8AYO41l8nqUDacZTd7mUxghd6Kx8uxWs4dM4YbuEYDyylEM2ma9BHumd73GmiMD7aDVU2a7X5sVqMfaLfOqKnqUYpNHoVqAJSOh-fwPmyUxNGkj5rrB16Ir_vr7fw2vYAxTdp_caMrKiOl3lJLnZIz6WRShRFv1GEg9MV0uBlLBrDI_zCn1rQg0y2hJlCbP2DbXgzxDADwpyV2TlAL0wxKz1Y02vYHWUHdckefGt_KIhRTnyt1tziN01JFJIYkyPV7vh3SDy2vrTJ8bmM_LdwaDFNI-zo6pcWqFgrh-HDGTy6vPivVBeW8QVst4aggyAFxe7Q/http%3A%2F%2Ft.spl4cn.com%2Fl2%2F7DAHJ0Ony25%2F48949699%2F754964031.html HTTP 302
http://t.spl4cn.com/l2/7DAHJ0Ony25/48949699/754964031.html

5 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Cookie set 754964031.html Show response t.spl4cn.com/l2/7DAHJ0Ony25/48949699/ Redirect Chain http://secure-web.cisco.com/1vyi-okAI5AiV01fvE8AYO41l8nqUDacZTd7mUxghd6Kx8uxWs4dM4YbuEYDyylEM2ma9BHumd73GmiMD7aDVU2a7X5sVqMfaLfOqKnqUYpNHoVqAJSOh-fwPmyUxNGkj5rrB16Ir_vr7fw2vYAxTdp_caMrKiOl3lJLnZIz6... http://t.spl4cn.com/l2/7DAHJ0Ony25/48949699/754964031.html	179 B 863 B	423ms 232ms	Document text/html	118.31.158.62 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://t.spl4cn.com/l2/7DAHJ0Ony25/48949699/754964031.html Protocol HTTP/1.1 Server 118.31.158.62 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache / Resource Hash `aff21ab30b6671296339265e287e24c2a4892ccffdfb5af93719f6e4ea943d05` Request headers Host t.spl4cn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 29 Nov 2019 03:13:35 GMT Server Apache Set-Cookie dotfashion_cn_email=dojedanu%40mail.unitec.mx; expires=Sun, 29-Dec-2019 03:13:35 GMT; Max-Age=2592000; path=/; domain=.t.spl4cn.com dotfashion_cn_envoi=7DAHJ0Ony; expires=Sun, 29-Dec-2019 03:13:35 GMT; Max-Age=2592000; path=/; domain=.t.spl4cn.com dotfashion_cn_lien=25; expires=Sun, 29-Dec-2019 03:13:35 GMT; Max-Age=2592000; path=/; domain=.t.spl4cn.com Vary Accept-Encoding Content-Encoding gzip Pragma no-cache Cache-Control no-cache Expires Mon, 01 Jan 1990 00:00:00 GMT X-Robots-Tag noindex,nofollow Content-Length 173 Content-Type text/html; charset=UTF-8 Redirect headers Server nginx/1.16.1 Date Fri, 29 Nov 2019 03:13:34 GMT Content-Type text/html; charset=utf-8 Transfer-Encoding chunked Connection keep-alive X-Harpe-Token Location http://t.spl4cn.com/l2/7DAHJ0Ony25/48949699/754964031.html X-Harpe-Verdict harpe_allow
GET H/1.1	200 OK	Primary Request 754964031.html Show response t.spl4cn.com/abo4/7DAHJ0Ony/mail.unitec.mx/d%27ojedanu/48949699/	3 KB 1 KB	220ms 219ms	Document text/html	118.31.158.62 CNNIC-ALIBABA-CN-...
General Check archive.org Show headers Download Go to Full URL http://t.spl4cn.com/abo4/7DAHJ0Ony/mail.unitec.mx/d%27ojedanu/48949699/754964031.html?lang=mx Protocol HTTP/1.1 Server 118.31.158.62 Hangzhou, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software Apache / Resource Hash `bc144e9166e644e99deef295470074216b07423ece1842ec91ad0307608fdc95` Request headers Host t.spl4cn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://t.spl4cn.com/l2/7DAHJ0Ony25/48949699/754964031.html Accept-Encoding gzip, deflate Cookie dotfashion_cn_email=dojedanu%40mail.unitec.mx; dotfashion_cn_envoi=7DAHJ0Ony; dotfashion_cn_lien=25 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://t.spl4cn.com/l2/7DAHJ0Ony25/48949699/754964031.html Response headers Date Fri, 29 Nov 2019 03:13:35 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Pragma no-cache Cache-Control no-cache Expires Mon, 01 Jan 1990 00:00:00 GMT X-Robots-Tag noindex,nofollow Content-Length 923 Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	2fa.css splio4.com/static/	4 KB 5 KB	45ms 15ms	Stylesheet text/css	91.190.170.48 SPLIO-AS
General Check archive.org Show headers Download Go to Full URL http://splio4.com/static/2fa.css Requested by Host: t.spl4cn.com URL: http://t.spl4cn.com/abo4/7DAHJ0Ony/mail.unitec.mx/d%27ojedanu/48949699/754964031.html?lang=mx Protocol HTTP/1.1 Server 91.190.170.48 , France, ASN31688 (SPLIO-AS, FR), Reverse DNS www.splio4.com Software Apache / Resource Hash `e4ac3c5ebe842822534bb5c510590f69f9fd6d023049c3ca26c230cd9f14d1bd` Request headers Referer http://t.spl4cn.com/abo4/7DAHJ0Ony/mail.unitec.mx/d%27ojedanu/48949699/754964031.html?lang=mx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 29 Nov 2019 03:13:35 GMT Last-Modified Thu, 02 Oct 2014 08:48:59 GMT Server Apache ETag "840a76-1137-5046caffb14c0" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 4407
GET H/1.1	200 OK	fonts.css splio4.com/static/	52 KB 53 KB	30ms 15ms	Stylesheet text/css	91.190.170.48 SPLIO-AS
General Check archive.org Show headers Download Go to Full URL http://splio4.com/static/fonts.css Requested by Host: t.spl4cn.com URL: http://t.spl4cn.com/abo4/7DAHJ0Ony/mail.unitec.mx/d%27ojedanu/48949699/754964031.html?lang=mx Protocol HTTP/1.1 Server 91.190.170.48 , France, ASN31688 (SPLIO-AS, FR), Reverse DNS www.splio4.com Software Apache / Resource Hash `4c97444a1b38c552878000c4bfa75dbc59986e31d96de8ae7841cb59e73052fb` Request headers Referer http://t.spl4cn.com/abo4/7DAHJ0Ony/mail.unitec.mx/d%27ojedanu/48949699/754964031.html?lang=mx User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 29 Nov 2019 03:13:35 GMT Last-Modified Wed, 04 Feb 2015 12:57:16 GMT Server Apache ETag "840a8c-d110-50e42ba132300" Content-Type text/css Connection close Accept-Ranges bytes Content-Length 53520
GET H/1.1	200 OK	bg_grey.jpg splio4.com/static/images/	4 KB 4 KB	29ms 15ms	Image image/jpeg	91.190.170.48 SPLIO-AS
General Check archive.org Show headers Download Go to Show image Full URL http://splio4.com/static/images/bg_grey.jpg Protocol HTTP/1.1 Server 91.190.170.48 , France, ASN31688 (SPLIO-AS, FR), Reverse DNS www.splio4.com Software Apache / Resource Hash `c5ae65115e6132d6429d90efb3766d8e5eac2862b3f0acd62ad0ec5a2640b8bd` Request headers Referer http://splio4.com/static/2fa.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Fri, 29 Nov 2019 03:13:35 GMT Last-Modified Tue, 17 Jun 2014 09:52:17 GMT Server Apache ETag "840bd3-ff2-4fc051956d640" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 4082

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.spl4cn.com/	1970-01-19 06:13:09	Name: dotfashion_cn_lien Value: 25
.t.spl4cn.com/	1970-01-19 06:13:09	Name: dotfashion_cn_envoi Value: 7DAHJ0Ony
.t.spl4cn.com/	1970-01-19 06:13:09	Name: dotfashion_cn_email Value: dojedanu%40mail.unitec.mx

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

secure-web.cisco.com
splio4.com
t.spl4cn.com
118.31.158.62
2620:101:2005:11f0::1001
91.190.170.48
4c97444a1b38c552878000c4bfa75dbc59986e31d96de8ae7841cb59e73052fb
aff21ab30b6671296339265e287e24c2a4892ccffdfb5af93719f6e4ea943d05
bc144e9166e644e99deef295470074216b07423ece1842ec91ad0307608fdc95
c5ae65115e6132d6429d90efb3766d8e5eac2862b3f0acd62ad0ec5a2640b8bd
e4ac3c5ebe842822534bb5c510590f69f9fd6d023049c3ca26c230cd9f14d1bd

t.spl4cn.com Open in urlscan Pro 118.31.158.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

0 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

2 IPs

3 Countries

63 kBTransfer

63 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

3 Cookies

Indicators

t.spl4cn.com Open in urlscan Pro
118.31.158.62 Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

0 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

2
IPs

3
Countries

63 kB
Transfer

63 kB
Size

3
Cookies

5 HTTP transactions
0 data transactions