www.sf-international.com
Open in
urlscan Pro
119.28.164.32
Malicious Activity!
Public Scan
Submission: On May 16 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by DigiCert CN RSA CA G1 on September 28th 2023. Valid for: a year.
This is the only time www.sf-international.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SF Express (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 119.28.164.32 119.28.164.32 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
1 | 211.152.154.238 211.152.154.238 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
1 | 123.56.12.94 123.56.12.94 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
21 | 4 |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
www.sf-international.com |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
sfimcdnupdate.sf-tech.com.cn |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
webcert.cnmstl.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
sf-international.com
www.sf-international.com — Cisco Umbrella Rank: 797555 |
5 MB |
1 |
cnmstl.net
webcert.cnmstl.net — Cisco Umbrella Rank: 314415 |
3 KB |
1 |
sf-tech.com.cn
sfimcdnupdate.sf-tech.com.cn |
183 KB |
0 |
ebs.org.cn
Failed
szcert.ebs.org.cn Failed |
|
21 | 4 |
Domain | Requested by | |
---|---|---|
18 | www.sf-international.com |
www.sf-international.com
|
1 | webcert.cnmstl.net |
www.sf-international.com
|
1 | sfimcdnupdate.sf-tech.com.cn |
www.sf-international.com
|
0 | szcert.ebs.org.cn Failed |
www.sf-international.com
|
21 | 4 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.sf-international.com DigiCert CN RSA CA G1 |
2023-09-28 - 2024-10-24 |
a year | crt.sh |
*.sf-tech.com.cn DigiCert CN RSA CA G1 |
2024-01-12 - 2025-02-07 |
a year | crt.sh |
webcert.cnmstl.net Secure Site Extended Validation CA G2 |
2023-10-19 - 2024-11-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.sf-international.com/us/en/services_network/index.html
Frame ID: F443C895C9C7459FDAB00E6AA45E159B
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
Service networkDetected technologies
RequireJS (JavaScript Frameworks) ExpandDetected patterns
- require.*\.js
Modernizr (JavaScript Libraries) Expand
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
20 Outgoing links
These are links going to different origins than the main page.
Title: International Oversize and Overweight Shipping
Search URL Search Domain Scan URL
Title: Online Service
Search URL Search Domain Scan URL
Title: Cooperation Inquiry
Search URL Search Domain Scan URL
Title: Login
Search URL Search Domain Scan URL
Title: Register
Search URL Search Domain Scan URL
Title: 顺丰速运 SF Express
Search URL Search Domain Scan URL
Title: EN
Search URL Search Domain Scan URL
Title: 中国香港/中国澳門 HongKong China /Macau China
Search URL Search Domain Scan URL
Title: 简
Search URL Search Domain Scan URL
Title: EN
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: SF International Online Order Website (United States)
Search URL Search Domain Scan URL
Title: SF International Online Order Website (Canada)
Search URL Search Domain Scan URL
Title: SF International Business System
Search URL Search Domain Scan URL
Title: Company License: ICP-2020077802
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index.html
www.sf-international.com/us/en/services_network/ |
90 KB 19 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
www.sf-international.com/resource/styles/ |
705 KB 106 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.3.js
www.sf-international.com/resource/scripts/old/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scp-jssdk-v1.8.js
sfimcdnupdate.sf-tech.com.cn/SCP/JSSDK/ |
183 KB 183 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
express-logo.png
www.sf-international.com/resource/images/index/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sfapp_international.png
www.sf-international.com/resource/images/index/ |
388 KB 388 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
officialbrand_small_h_img.jpg
webcert.cnmstl.net/images/cert/code/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security_site_1.png
www.sf-international.com/.gallery/other/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security_site_2.png
www.sf-international.com/.gallery/other/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
govIcon.gif
szcert.ebs.org.cn/Images/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.js
www.sf-international.com/resource/scripts/vendor/ |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
configs.js
www.sf-international.com/resource/scripts/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
require.js
www.sf-international.com/resource/scripts/vendor/ |
86 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame.js
www.sf-international.com/resource/scripts/ |
314 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.sf-international.com/resource/scripts/ |
4 MB 4 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-phoneicon.png
www.sf-international.com/resource/images/index/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
to-top-red.png
www.sf-international.com/resource/images/index/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
label-top-r-kr.png
www.sf-international.com/resource/images/index/ |
463 KB 464 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i18n_universal.json
www.sf-international.com/resource/i18n/ |
66 KB 66 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i18n_us.json
www.sf-international.com/resource/i18n/ |
607 B 901 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
www.sf-international.com/.gallery/ |
1 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- szcert.ebs.org.cn
- URL
- https://szcert.ebs.org.cn/Images/govIcon.gif
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SF Express (Transportation)75 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _cmsConfig function| $ function| jQuery object| __core-js_shared__ object| core object| regeneratorRuntime function| JsBarcode function| SCPJSSDK object| _ejsLabel object| html5 object| Modernizr object| _webConfig function| requirejs function| require function| define function| _ object| Backbone function| Swiper object| jQuery19105377778574200285 function| Gather object| common object| otherDynamic object| gis object| login object| userCenter object| order object| waybill object| addressBook object| region object| accept object| invoiceVN object| cloudPrint object| complain object| onlineService object| QRMode object| QRErrorCorrectLevel object| QRMaskPattern object| QRUtil object| QRMath function| QR8bitByte function| QRCode function| QRPolynomial function| QRRSBlock function| QRBitBuffer function| loadModule object| TiffTag function| Tiff object| ParsleyConfig function| log object| SfGather object| urlConfigs object| layer object| _ibuCountry function| P function| html2canvas object| cookieType object| _hmt object| Const function| moment object| ParsleyUI object| ParsleyExtend function| psly function| Parsley object| ParsleyUtils object| ParsleyValidator object| sfgather object| sfAjax function| _l function| jumpOrder object| JST function| reportScriptLoadError string| ORDER_SYMBOLS object| cache function| _p object| Helper0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sfimcdnupdate.sf-tech.com.cn
szcert.ebs.org.cn
webcert.cnmstl.net
www.sf-international.com
szcert.ebs.org.cn
119.28.164.32
123.56.12.94
211.152.154.238
006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d
04d7d022f9ac73b9649748eb81374799f6e56eae2fc02cd51a30b6e763c6ddf2
084d4baaf25e531fc8557d00019f984a937dfbba30afe8b7ff8fe6c418c26f0f
0ae65cfe3650ce6ea65dcfa47b2b95642485b2afe667e863ea4de832ea7196ad
0ccebd96ae2d393c6ebcf8baaf249076736e57742d0d272ad4b4c654afed1992
17f95b065648d48c21d4bdafe2f76d0832294a5ae21f39477f283b06a61e3276
21684cf6cfc45d17dbf6c10aecad024bfa813a004b04cc739aaf5e81783a2ce6
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
2996c1db8cb39cb84acbe6e03a1a9ee685ef209b171c4d49d2816c260ebbbb94
510013be4182fc19e066418198d3a0239677fc09f997c85d33857e42a6e174e7
51227899986140fb72aed65d35e19bd3a8c8db4f8c3afa07f29451360e723e6c
63dbec27bfd3dd053dc841b1239b5e6847f8a6806b7f679861a0ed5523d22c53
75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf
817e3216e36e573289a222357a51165312d1ba5e7a5d0f98e63bb3821da849ce
8399e9d5086c52b1c4da045ffb0dec771493363976e275064ec4cc7aa240d1e2
89068d6c2e78361b5f06305a46298e1c913bfc5f8cb0107efdcc8c284a6e0062
b0bd13cbc87a3ad2d40b398a0702350aa5d2937c38e58649db0dbb35fd2357df
e6fed7b32526f337c99fc7eb7e4674acfdcded92c6f80bb92ba33581036c0b97
ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4
fdf07543929392ef396c8bef289833271b85654992b8947282f60d0c33891df0