Submitted URL: http://support.halfpricegeeks.com/
Effective URL: https://sos.splashtop.com/
Submission Tags: @ecarlesi possiblethreat
Submission: On September 11 via api from FR — Scanned from FR

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 12 HTTP transactions. The main IP is 18.239.94.104, located in and belongs to . The main domain is sos.splashtop.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 21st 2023. Valid for: a year.
This is the only time sos.splashtop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 162.240.109.5 46606 (UNIFIEDLA...)
1 1 192.124.249.59 30148 (SUCURI-SEC)
1 1 151.101.2.133 ()
6 18.239.94.104 ()
12 3
Domain Requested by
6 sos.splashtop.com sos.splashtop.com
3 halfpricegeeks.com 1 redirects halfpricegeeks.com
1 www.splashtop.com 1 redirects
1 support.halfpricegeeks.com 1 redirects
0 download.splashtop.com Failed sos.splashtop.com
0 www.google-analytics.com Failed sos.splashtop.com
12 6

This site contains no links.

Subject | Issuer | Validity | Valid
www.phoenix.halfpricegeeks.com | R3 | 2023-08-25 - 2023-11-23 | 3 months
*.splashtop.com | Amazon RSA 2048 M01 | 2023-02-21 - 2024-01-18 | a year

This page contains 2 frames:

Primary Page: https://sos.splashtop.com/
Frame ID: ADB02DC886AC7A6EFD91EF90CA94CC4C
Requests: 11 HTTP requests in this frame

Frame: https://download.splashtop.com/sos/SplashtopSOS.exe
Frame ID: E25E70BDE7649A0727C8D3FF540E0330
Requests: 1 HTTP requests in this frame

Page Statistics

12
Requests

67 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

3
IPs

1
Countries

447 kB
Transfer

443 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://support.halfpricegeeks.com/ HTTP 301
    http://halfpricegeeks.com/help/ HTTP 301
    https://halfpricegeeks.com/help/ Page URL
  2. https://www.splashtop.com/sos-download HTTP 301
    https://sos.splashtop.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://support.halfpricegeeks.com/ HTTP 301
  • http://halfpricegeeks.com/help/ HTTP 301
  • https://halfpricegeeks.com/help/

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
halfpricegeeks.com/help/
Redirect Chain
  • http://support.halfpricegeeks.com/
  • http://halfpricegeeks.com/help/
  • https://halfpricegeeks.com/help/
396 B
582 B
Document
General
Full URL
https://halfpricegeeks.com/help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.5 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7015807.halfpricegeeks.com
Software
Apache /
Resource Hash
7e2282293672b9485303448017f170782de4bba53c946dec6d97b8f6c0206e20
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
max-age=7200
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 08:08:49 GMT
expires
Mon, 11 Sep 2023 10:08:49 GMT
server
Apache
x-endurance-cache-level
2
x-nginx-cache
WordPress

Redirect headers

Cache-Control
max-age=7200
Connection
keep-alive
Content-Length
240
Content-Type
text/html; charset=iso-8859-1
Date
Mon, 11 Sep 2023 08:08:52 GMT
Expires
Mon, 11 Sep 2023 10:08:49 GMT
Location
https://halfpricegeeks.com/help/
Server
Sucuri/Cloudproxy
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-Sucuri-Cache
MISS
X-Sucuri-ID
13009
X-XSS-Protection
1; mode=block
hpglargeclr.jpg
halfpricegeeks.com/images/
4 KB
5 KB
Image
General
Full URL
https://halfpricegeeks.com/images/hpglargeclr.jpg
Requested by
Host: halfpricegeeks.com
URL: https://halfpricegeeks.com/help/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.240.109.5 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
7015807.halfpricegeeks.com
Software
Apache /
Resource Hash
b3649ddef71cac3cfa5c48feb860bd92df1215d0497c6204b0b9fd38ed29716a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://halfpricegeeks.com/help/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
date
Mon, 11 Sep 2023 08:08:49 GMT
x-nginx-cache
WordPress
last-modified
Sat, 06 Jan 2018 04:57:31 GMT
server
Apache
x-endurance-cache-level
2
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4508
expires
Tue, 10 Sep 2024 08:08:49 GMT
Primary Request /
sos.splashtop.com/
Redirect Chain
  • https://www.splashtop.com/sos-download
  • https://sos.splashtop.com/
2 KB
2 KB
Document
General
Full URL
https://sos.splashtop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.104 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d98076c7d207910dd739439bd7c6af78d346b3007656fcb668774f8740cc4f5b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://halfpricegeeks.com/help/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
24656
content-length
1871
content-type
text/html
date
Mon, 11 Sep 2023 01:43:40 GMT
etag
"afa83d66a2779c02c085cb31edcd21d4"
last-modified
Thu, 03 Aug 2023 08:36:06 GMT
referrer-policy
same-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 47168233f5be3757636a095d7386d7d8.cloudfront.net (CloudFront)
x-amz-cf-id
R5vg2s5uQ6nH3JzOFYph3GZDoSV9SDAyykyaq2_w8vnM_lSBoJ6DNg==
x-amz-cf-pop
AMS1-P3
x-amz-server-side-encryption
AES256
x-amz-version-id
ZfBwYOq7Fp.7RG8V4E5FIazHnQ73.m7i
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

accept-ranges
bytes
age
396652
cache-control
no-store
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 11 Sep 2023 08:08:58 GMT
location
https://sos.splashtop.com/
server
nginx
strict-transport-security
max-age=300
vary
Origin, X-Language-Locale, Cookie, Cookie
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
HIT, HIT, MISS
x-cache-hits
5, 4, 0
x-content-type-options
nosniff
x-debug-cookies-sent
x-debug-english
/sos-download
x-debug-normalized
/sos-download
x-debug-pass
1
x-debug-path
/sos-download
x-debug-qs
x-debug-slashfix
/sos-download
x-debug-url
/sos-download
x-frame-options
SAMEORIGIN
x-pantheon-styx-hostname
styx-fe2-a-75f45bdf4d-cdpk8
x-redirect-by
WordPress splash301
x-request-qs
x-served-by
cache-chi-kigq8000150-CHI, cache-lcy-eglc8600023-LCY, cache-lcy-eglc8600023-LCY
x-styx-req-id
ee7da5b8-4cde-11ee-ae77-aee58b288ed2
x-timer
S1694419739.739085,VS0,VE5
x-xss-protection
1; mode=block
plugins.css
sos.splashtop.com/
46 KB
47 KB
Stylesheet
General
Full URL
https://sos.splashtop.com/plugins.css
Requested by
Host: sos.splashtop.com
URL: https://sos.splashtop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.104 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
075f85e3e7bf3428f650e33b57000238b2202028d40e24f43f92bbed224d18c1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sos.splashtop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
WW_GQC68_ofDvmfrcrZSiLpvTta2cZ5A
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Sun, 10 Sep 2023 08:27:15 GMT
via
1.1 47168233f5be3757636a095d7386d7d8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
age
85304
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
47040
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 03 Aug 2023 08:36:06 GMT
server
AmazonS3
etag
"865b913acea977738d01c672a6d7edf7"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
l6U50nCGhAnrjlMD2TTwZ-J9W9nYnrvFKQv-6lhgmOmo-hlU_PmVgw==
plugins.js
sos.splashtop.com/
154 KB
155 KB
Script
General
Full URL
https://sos.splashtop.com/plugins.js
Requested by
Host: sos.splashtop.com
URL: https://sos.splashtop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.104 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7e85a9dc425d7c6c5e2313e75067a02eff52736f8af3216f8423f9ac5b6d510
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sos.splashtop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
tX0ieO3Zq8HHhyAz9Iq5baMkTDEQmZIT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 05:02:24 GMT
via
1.1 47168233f5be3757636a095d7386d7d8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
age
11195
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
157730
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 03 Aug 2023 08:36:06 GMT
server
AmazonS3
etag
"1d5ea1bb1b9d0c3e44cceabf07944214"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
90K46hyGG_QLUx2BMKxnEj15Vjodl8cDY0_opL3Rfd22ltzfk5lVIg==
app.45d43b2f.css
sos.splashtop.com/css/
5 KB
5 KB
Stylesheet
General
Full URL
https://sos.splashtop.com/css/app.45d43b2f.css
Requested by
Host: sos.splashtop.com
URL: https://sos.splashtop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.104 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2ba91c4aa04fc4a265fad07c428f7ec48ff594f1eae445209106346f4a2b2e09
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sos.splashtop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
bqmOjKPyEPumUkRU5l.f2.oGPGM07FbC
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Sun, 10 Sep 2023 08:50:13 GMT
via
1.1 47168233f5be3757636a095d7386d7d8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
age
83926
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4730
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 03 Aug 2023 08:36:06 GMT
server
AmazonS3
etag
"8d9a71392796fc1aa6cbcecaf8cca77d"
x-frame-options
SAMEORIGIN
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
5CXpv1fPo96f6eVcrr-PEe9tqcLKAjxjbVazmn3hTHDGjepJAqeLvg==
app.55eef246.js
sos.splashtop.com/js/
50 KB
50 KB
Script
General
Full URL
https://sos.splashtop.com/js/app.55eef246.js
Requested by
Host: sos.splashtop.com
URL: https://sos.splashtop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.104 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sos.splashtop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
UC4j.B9D1We7SNcazQJqjEE6kGAz2N0p
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 05:02:22 GMT
via
1.1 47168233f5be3757636a095d7386d7d8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
age
19691
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
50815
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 03 Aug 2023 08:36:06 GMT
server
AmazonS3
etag
"79ae6910ae386718edc5a0b4ea6ac795"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
6m4NQzqR_aGkYEzsoM70QCfhR0eg9Led_kFTQbAer_YWrjtWcFWAIg==
chunk-vendors.047b18dd.js
sos.splashtop.com/js/
182 KB
183 KB
Script
General
Full URL
https://sos.splashtop.com/js/chunk-vendors.047b18dd.js
Requested by
Host: sos.splashtop.com
URL: https://sos.splashtop.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.239.94.104 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
13140cd363623365285b22af75bfb3afac46f6bc3533d90381f6f24cf569f9fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://sos.splashtop.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36

Response headers

x-amz-version-id
p0rMBuBbLdudySUd7dF3Ee3fS3cCcSD.
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
date
Mon, 11 Sep 2023 05:02:24 GMT
via
1.1 47168233f5be3757636a095d7386d7d8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-P3
age
11195
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
186472
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 03 Aug 2023 08:36:06 GMT
server
AmazonS3
etag
"6611de7db77b938b3d476b658f46ef04"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
kdUuePc_H3vJtYJ0KWspZcdoZAqhOiU6BqwkVMElBHAYXnud6PpbHQ==
analytics.js
www.google-analytics.com/
0
0

SplashtopSOS.exe
download.splashtop.com/sos/ Frame E25E
0
0

splashtop-logo.4869f537.svg
sos.splashtop.com/img/
0
0

sos-logo.1cd52fe4.png
sos.splashtop.com/img/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/analytics.js
Domain
download.splashtop.com
URL
https://download.splashtop.com/sos/SplashtopSOS.exe
Domain
sos.splashtop.com
URL
https://sos.splashtop.com/img/splashtop-logo.4869f537.svg
Domain
sos.splashtop.com
URL
https://sos.splashtop.com/img/sos-logo.1cd52fe4.png

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests