www.sf-international.com Open in urlscan Pro
211.152.148.72 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.sf-international.com/th/th/
Submission: On November 14 via api (November 14th 2022, 3:08:18 pm UTC) from US — Scanned from US

Summary HTTP 27 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 27 HTTP transactions. The main IP is 211.152.148.72, located in Atlanta, United States and belongs to TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN. The main domain is www.sf-international.com. The Cisco Umbrella rank of the primary domain is 570267.
TLS certificate: Issued by DigiCert CN RSA CA G1 on September 29th 2022. Valid for: a year.

This is the only time www.sf-international.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SF Express (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
24	211.152.148.72 211.152.148.72	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	101.33.21.32 101.33.21.32	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	123.56.12.94 123.56.12.94	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
1	36.27.223.47 36.27.223.47	136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA)
27	4

24 211.152.148.72 (Atlanta, United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

www.sf-international.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 101.33.21.32 (United States)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

sfimcdnupdate.sf-tech.com.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 123.56.12.94 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

webcert.cnmstl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 36.27.223.47 (Yiwu, China)

ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)

szcert.ebs.org.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	sf-international.com www.sf-international.com — Cisco Umbrella Rank: 570267	2 MB
1	ebs.org.cn szcert.ebs.org.cn — Cisco Umbrella Rank: 269603	10 KB
1	cnmstl.net webcert.cnmstl.net — Cisco Umbrella Rank: 172301	3 KB
1	sf-tech.com.cn sfimcdnupdate.sf-tech.com.cn — Cisco Umbrella Rank: 369642	52 KB
27	4

	Domain	Requested by
24	www.sf-international.com	www.sf-international.com
1	szcert.ebs.org.cn	www.sf-international.com
1	webcert.cnmstl.net	www.sf-international.com
1	sfimcdnupdate.sf-tech.com.cn	www.sf-international.com
27	4

This site contains links to these domains. Also see Links.

Domain
iuop.sf.global
www.sf-express.com
weibo.com
www.facebook.com
instagram.com
www.linkedin.com
beian.miit.gov.cn
webcert.cnmstl.net
www.sznet110.gov.cn
szcert.ebs.org.cn

Subject Issuer	Validity	Valid
*.sf-international.com DigiCert CN RSA CA G1	`2022-09-29` - `2023-10-19`	a year	crt.sh
*.sf-tech.com.cn DigiCert CN RSA CA G1	`2022-02-23` - `2023-02-23`	a year	crt.sh
webcert.cnmstl.net Secure Site Extended Validation CA G2	`2022-10-27` - `2023-11-13`	a year	crt.sh
*.ebs.org.cn XinChaCha Trust SSL Organization Validated	`2022-08-01` - `2023-08-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.sf-international.com/th/th/
Frame ID: 6A4839222A136E7C9B783523104D6A98
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SF International

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2256 kB
Transfer

7100 kB
Size

0
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://iuop.sf.global/?lang=en#/
Title: การขนส่ง

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/?lang=en#/customer-online
Title: ติดต่อสอบถาม

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/#/?lang=en
Title: เข้าสู่ระบบ

Search URL Search Domain Scan URL

URL: https://iuop.sf.global/#/register?lang=en
Title: ลงทะเบียน

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/cn/sc/
Title: 顺丰速运 SF Express

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/cn/en/
Title: EN

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/hk/tc/
Title: 中国香港/中国澳門 HongKong China /Macau China

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/hk/sc/
Title: 简

Search URL Search Domain Scan URL

URL: https://www.sf-express.com/hk/en/
Title: EN

Search URL Search Domain Scan URL

URL: https://weibo.com/p/1006067507964367/home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SF-Express-1575716475820824/

Search URL Search Domain Scan URL

URL: http://instagram.com/s.f.express

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/953921/

Search URL Search Domain Scan URL

URL: http://beian.miit.gov.cn/
Title: Company License: ICP-2020077802

Search URL Search Domain Scan URL

URL: http://webcert.cnmstl.net/cert/code?sn=c6cc6af3fac440c28901c15a104582fe

Search URL Search Domain Scan URL

URL: https://www.sznet110.gov.cn/webrecord/innernet/Welcome.jsp?bano=4403101900826

Search URL Search Domain Scan URL

URL: https://www.sznet110.gov.cn/index.jsp

Search URL Search Domain Scan URL

URL: https://szcert.ebs.org.cn/B943BEFD-EF5E-4747-AD73-B875A1FC5CC7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.sf-international.com/th/th/	115 KB 23 KB	1225ms 432ms	Document text/html	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty / Resource Hash `860f26094b85dc2800a83664ba73fe32a286f2adc224ff9e88ada51b63f8f06b` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 accept-language en-US,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-origin * cache-control no-cache content-encoding gzip content-type text/html date Mon, 14 Nov 2022 15:08:03 GMT etag W/"635127c2-1cdb8" last-modified Thu, 20 Oct 2022 10:49:38 GMT server openresty vary Accept-Encoding x-cache-lookup Cache Miss Cache Miss x-daa-tunnel hop_count=1 x-nws-log-uuid dc0de3bb-4512-4c32-b99f-d56bbd6a3366
GET H2	200	main.css www.sf-international.com/resource/styles/	700 KB 108 KB	41ms 39ms	Stylesheet text/css	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `515a29a2fa44c94bada73335163d9a558d92eb99666d02c78334e2954efce976` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:03 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 28 Jun 2022 09:57:36 GMT server NWS_Oversea_AP etag W/"62bad090-aefed" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid f1d9b50b-c17f-4501-a993-452c2afff25c accept-ranges bytes content-length 109914 expires Mon, 14 Nov 2022 15:18:03 GMT
GET H2	200	jquery-1.11.3.js Show response www.sf-international.com/resource/scripts/old/	87 KB 31 KB	112ms 111ms	Script application/javascript	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/old/jquery-1.11.3.js?v=2022-10-20_6 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:03 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 09 Aug 2022 07:22:25 GMT server NWS_Oversea_AP etag W/"62f20b31-15d43" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 5eea1837-21ca-474e-866f-b78c4c6e5646 accept-ranges bytes content-length 31077 expires Mon, 14 Nov 2022 15:18:03 GMT
GET H/1.1	200 OK	scp-jssdk-v1.8.js Show response sfimcdnupdate.sf-tech.com.cn/SCP/JSSDK/	183 KB 52 KB	904ms 85ms	Script application/javascript	101.33.21.32 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://sfimcdnupdate.sf-tech.com.cn/SCP/JSSDK/scp-jssdk-v1.8.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.33.21.32 , United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software Lego Server / Resource Hash `b0bd13cbc87a3ad2d40b398a0702350aa5d2937c38e58649db0dbb35fd2357df` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Date Mon, 14 Nov 2022 15:08:04 GMT Content-Encoding gzip X-Cache-Lookup Cache Hit, Hit From Inner Cluster Last-Modified Mon, 11 Jul 2022 05:51:44 GMT Server Lego Server Etag "62cbba70-2da29" Content-Type application/javascript X-NWS-LOG-UUID 269547355931656241 Connection keep-alive Accept-Ranges bytes Content-Length 52612
GET H2	200	intl_logo.png www.sf-international.com/resource/images/index/	6 KB 7 KB	42ms 38ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/intl_logo.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `9b45db7c406797d773c59e2e0df1bf0bff722643bad169839fb730cf131caa8f` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:03 GMT x-cache-lookup Hit From Disktank3 last-modified Wed, 16 Dec 2020 08:36:02 GMT server NWS_Oversea_AP etag "5fd9c6f2-18d9" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 36aaa026-5c47-4707-b3e9-0c057a530722 accept-ranges bytes content-length 6361 expires Mon, 14 Nov 2022 15:18:03 GMT
GET H2	200	homepage-website-banner-th.jpg www.sf-international.com/.gallery/th/index/	289 KB 289 KB	358ms 351ms	Image image/jpeg	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/th/index/homepage-website-banner-th.jpg Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `246b5b36e0b8ecd53041f1129de0aea5c10065d5bbcf7d8427f468b555bf7065` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Upstream, Hit From Disktank3 Gz content-length 294927 last-modified Wed, 24 Jan 2018 13:07:00 GMT server NWS_Oversea_AP etag W/"5a6884f4-48302" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-daa-tunnel hop_count=1 x-nws-log-uuid 0b221786-e831-4433-8c07-473a2428cee7 accept-ranges bytes expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	News-banner-web.jpg www.sf-international.com/.gallery/th/news/	46 KB 46 KB	297ms 296ms	Image image/jpeg	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/th/news/News-banner-web.jpg Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `4fdc23fac07329a5d13f0fc899170a61808e079ae7cf70571df54325cb61648a` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Upstream, Hit From Disktank3 Gz content-length 46803 last-modified Wed, 24 Jan 2018 13:07:00 GMT server NWS_Oversea_AP etag W/"5a6884f4-b7f9" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-daa-tunnel hop_count=1 x-nws-log-uuid 9f3ccc98-3392-46f0-9614-36f871935134 accept-ranges bytes expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	jwplayer.js Show response www.sf-international.com/resource/scripts/old/jwplayer-7.9.1/	235 KB 66 KB	50ms 40ms	Script application/javascript	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/old/jwplayer-7.9.1/jwplayer.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `3b10f832c4dc813c90a0ebd33aaf593a096fb9e0b30d023999dd684d489166cb` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:03 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Sun, 04 Jul 2021 07:18:27 GMT server NWS_Oversea_AP etag W/"60e160c3-3ace7" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid c0b2a6ee-8425-4f4e-8ee3-0ee7a0c93c0c accept-ranges bytes content-length 66794 expires Mon, 14 Nov 2022 15:18:03 GMT
GET H2	200	sfapp_international.png www.sf-international.com/resource/images/index/	388 KB 202 KB	44ms 42ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/sfapp_international.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `0ae65cfe3650ce6ea65dcfa47b2b95642485b2afe667e863ea4de832ea7196ad` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Mon, 22 Jul 2019 06:17:23 GMT server NWS_Oversea_AP etag W/"5d3554f3-60e25" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid e4a4e271-977d-40c5-9f85-abf31d348608 accept-ranges bytes content-length 206153 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H/1.1	200 OK	officialbrand_small_h_img.jpg webcert.cnmstl.net/images/cert/code/	3 KB 3 KB	2018ms 265ms	Image image/png	123.56.12.94 ALIBABA-CN-NET Ha...
General Check archive.org Show headers Download Go to Show image Full URL https://webcert.cnmstl.net/images/cert/code/officialbrand_small_h_img.jpg?sn=c6cc6af3fac440c28901c15a104582fe&t=1476167429157 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 123.56.12.94 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN), Reverse DNS Software / Resource Hash `75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 14 Nov 2022 15:08:06 GMT Content-Encoding gzip Connection keep-alive Transfer-Encoding chunked Vary Accept-Encoding Content-Type image/png; charset=utf-8
GET H2	200	security_site_1.png www.sf-international.com/.gallery/other/	3 KB 4 KB	43ms 42ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/other/security_site_1.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 09 Jun 2017 08:44:12 GMT server NWS_Oversea_AP etag W/"593a5fdc-cc6" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid df2ebd8c-0919-433f-a8fb-a0e701f66b1d accept-ranges bytes content-length 3298 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	security_site_2.png www.sf-international.com/.gallery/other/	3 KB 3 KB	42ms 41ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/.gallery/other/security_site_2.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 09 Jun 2017 08:44:12 GMT server NWS_Oversea_AP etag W/"593a5fdc-a93" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 77fd10b1-324a-4fe0-8a78-eb9459aa370c accept-ranges bytes content-length 2735 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	govIcon.gif szcert.ebs.org.cn/Images/	9 KB 10 KB	1498ms 625ms	Image image/gif	36.27.223.47 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Show image Full URL https://szcert.ebs.org.cn/Images/govIcon.gif Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 36.27.223.47 Yiwu, China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software Waf / Resource Hash `6879f6200421154baabd4682320d1a1ff600830520ff73697f61c1c8759a6a3f` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:05 GMT last-modified Fri, 30 Oct 2020 03:26:52 GMT server Waf etag "a4aec9826caed61:0" access-control-allow-methods GET,POST,PUT,DELETE,OPTIONS content-type image/gif access-control-allow-origin * accept-ranges bytes access-control-allow-headers content-type,api_key,Authorization content-length 9481
GET H2	200	modernizr.js Show response www.sf-international.com/resource/scripts/vendor/	50 KB 16 KB	43ms 42ms	Script application/javascript	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/vendor/modernizr.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `e6fed7b32526f337c99fc7eb7e4674acfdcded92c6f80bb92ba33581036c0b97` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:03 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Sun, 04 Jul 2021 07:18:27 GMT server NWS_Oversea_AP etag W/"60e160c3-c951" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid f71be7bf-a79e-47b3-8044-62b6cbdfd2a0 accept-ranges bytes content-length 15881 expires Mon, 14 Nov 2022 15:18:03 GMT
GET H2	200	configs.js Show response www.sf-international.com/resource/scripts/	5 KB 2 KB	40ms 38ms	Script application/javascript	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/configs.js?v=2022-10-20_6 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `f42368ca2b4c73e934f7d417ea218d3d816f3410ccce6f7487b48d71248ba999` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:03 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 28 Jun 2022 09:57:14 GMT server NWS_Oversea_AP etag "62bad07a-1445" content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid c30529d1-1e82-41c6-ae36-7857866728f5 content-length 1622 expires Mon, 14 Nov 2022 15:18:03 GMT
GET H2	200	require.js Show response www.sf-international.com/resource/scripts/vendor/	86 KB 21 KB	43ms 43ms	Script application/javascript	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/vendor/require.js Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `17f95b065648d48c21d4bdafe2f76d0832294a5ae21f39477f283b06a61e3276` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:03 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Sun, 04 Jul 2021 07:18:27 GMT server NWS_Oversea_AP etag W/"60e160c3-157f2" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 6984148d-e6f6-4f3f-8422-d665ddd4ce0a accept-ranges bytes content-length 21457 expires Mon, 14 Nov 2022 15:18:03 GMT
GET H2	200	frame.js Show response www.sf-international.com/resource/scripts/	314 KB 92 KB	39ms 39ms	Script application/javascript	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/frame.js?v=1.0 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `510013be4182fc19e066418198d3a0239677fc09f997c85d33857e42a6e174e7` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:03 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 28 Jun 2022 09:57:14 GMT server NWS_Oversea_AP etag W/"62bad07a-4e870" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid ad29f47d-9ea0-4fea-94dd-2c910c122f1c accept-ranges bytes content-length 93515 expires Mon, 14 Nov 2022 15:18:03 GMT
GET H2	200	main.js Show response www.sf-international.com/resource/scripts/	4 MB 1 MB	47ms 47ms	Script application/javascript	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/scripts/main.js?v=2022-10-20_6 Requested by Host: www.sf-international.com URL: https://www.sf-international.com/th/th/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `291d8ceff871e6408034083c3dcee07c5fb153b8d19b5b9097f57f97ecb07457` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/th/th/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:03 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Mon, 26 Sep 2022 10:12:43 GMT server NWS_Oversea_AP etag "63317b1b-3eb7f4" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 00ccf555-ab66-4f1d-8ea2-b0d83e867da1 content-length 1074521 expires Mon, 14 Nov 2022 15:18:03 GMT
GET H2	200	header-phoneicon.png www.sf-international.com/resource/images/index/	12 KB 13 KB	39ms 37ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/header-phoneicon.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `0ccebd96ae2d393c6ebcf8baaf249076736e57742d0d272ad4b4c654afed1992` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Tue, 28 Jun 2022 09:56:41 GMT server NWS_Oversea_AP etag W/"62bad059-310a" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid e44e1bbb-c320-460f-9765-e9cfe4c352f6 accept-ranges bytes content-length 12582 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	warning_prompt_icon1.png www.sf-international.com/resource/images/index/	5 KB 3 KB	46ms 45ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/warning_prompt_icon1.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `60ffbdf73741c4f186b2d15707701d9809527288bc94bee8e34d5889c5139835` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 28 Jun 2019 06:07:19 GMT server NWS_Oversea_AP etag W/"5d15ae97-1588" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 9f52f872-e0da-418c-8dd9-4df66ef2ee08 accept-ranges bytes content-length 3135 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	pb-wrapper-line.png www.sf-international.com/resource/images/index/	928 B 1 KB	51ms 49ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/pb-wrapper-line.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `a7a1e0f6508e3dcfa85855fb8787916259e1d3fbd60f95b59aa4282c132efb80` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT x-cache-lookup Hit From Disktank3 last-modified Fri, 28 Jun 2019 06:07:18 GMT server NWS_Oversea_AP etag "5d15ae96-3a0" content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 0218e174-0213-429b-8f0b-cfa9ffbe415f accept-ranges bytes content-length 928 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	smallBanner-icon.png www.sf-international.com/resource/images/index/	6 KB 6 KB	47ms 46ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/smallBanner-icon.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `34c3501386e849c21bfd981f8b7e0973090fe3341f364f2798b9560bd180b36c` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 28 Jun 2019 06:07:19 GMT server NWS_Oversea_AP etag W/"5d15ae97-1852" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 03b4c919-de71-4991-9a6a-03722db45ccc accept-ranges bytes content-length 6254 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	smallHeader-searchIcon.png www.sf-international.com/resource/images/index/	1 KB 1 KB	49ms 49ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/smallHeader-searchIcon.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `3611a84781e70db572fa5f1562a314fb3d0dc5c5217ecb2008d32a8a9c69c488` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 28 Jun 2019 06:07:19 GMT server NWS_Oversea_AP etag W/"5d15ae97-5b9" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 11654c2d-f18b-42ea-af84-04c12655347e accept-ranges bytes content-length 1183 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	to-top-red.png www.sf-international.com/resource/images/index/	2 KB 3 KB	44ms 42ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/to-top-red.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `084d4baaf25e531fc8557d00019f984a937dfbba30afe8b7ff8fe6c418c26f0f` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT x-cache-lookup Hit From Disktank3 last-modified Fri, 28 Jun 2019 06:07:19 GMT server NWS_Oversea_AP etag "5d15ae97-9a2" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid 4308df20-3c21-48bf-958d-bc267952639a accept-ranges bytes content-length 2466 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	label-top-r-kr.png www.sf-international.com/resource/images/index/	463 KB 133 KB	44ms 43ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/label-top-r-kr.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `817e3216e36e573289a222357a51165312d1ba5e7a5d0f98e63bb3821da849ce` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Fri, 28 Jun 2019 06:07:17 GMT server NWS_Oversea_AP etag W/"5d15ae95-73dc4" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid a76a6636-1f2a-4ab8-8124-59869d67d9ad accept-ranges bytes content-length 135372 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	th-sf.png www.sf-international.com/resource/images/index/	6 KB 6 KB	44ms 43ms	Image image/png	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Show image Full URL https://www.sf-international.com/resource/images/index/th-sf.png Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software NWS_Oversea_AP / Resource Hash `3e53f5da010112b52d915774bab7b44fc3bf77d1f3c64fd212d9de0c2998e366` Request headers accept-language en-US,en;q=0.9 Referer https://www.sf-international.com/resource/styles/main.css?v=2022-10-20_6 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT content-encoding gzip x-cache-lookup Hit From Disktank3 Gz last-modified Wed, 14 Apr 2021 11:47:40 GMT server NWS_Oversea_AP etag W/"6076d65c-1820" vary Accept-Encoding content-type image/png access-control-allow-origin * cache-control max-age=600 access-control-allow-credentials true x-nws-log-uuid f2b826bb-e6eb-4a64-acbd-a6178a987ec6 accept-ranges bytes content-length 5813 expires Mon, 14 Nov 2022 15:18:04 GMT
GET H2	200	i18n_universal.json Show response www.sf-international.com/resource/i18n/	66 KB 66 KB	463ms 463ms	XHR application/json	211.152.148.72 TENCENT-NET-AP-CN...
General Check archive.org Show headers Download Go to Full URL https://www.sf-international.com/resource/i18n/i18n_universal.json?lang=en&region=th&translate= Requested by Host: www.sf-international.com URL: https://www.sf-international.com/resource/scripts/frame.js?v=1.0 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 211.152.148.72 Atlanta, United States, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN), Reverse DNS Software openresty / Resource Hash `fdf07543929392ef396c8bef289833271b85654992b8947282f60d0c33891df0` Request headers Accept application/json, text/javascript, /; q=0.01 Referer https://www.sf-international.com/th/th/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36 Response headers date Mon, 14 Nov 2022 15:08:04 GMT x-cache-lookup Cache Miss, Cache Miss last-modified Mon, 14 Dec 2020 10:00:55 GMT server openresty etag "5fd737d7-106da" content-type application/json access-control-allow-origin * cache-control no-cache access-control-allow-credentials true x-daa-tunnel hop_count=1 x-nws-log-uuid 005f9668-374f-4133-b90b-6a2e0549b7a3 accept-ranges bytes content-length 67290

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SF Express (Transportation)

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.sf-international.com/th/th/ Message: Mixed Content: The page at 'https://www.sf-international.com/th/th/' was loaded over HTTPS, but requested an insecure element 'http://webcert.cnmstl.net/images/cert/code/officialbrand_small_h_img.jpg?sn=c6cc6af3fac440c28901c15a104582fe&t=1476167429157'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.sf-international.com/th/th/ Message: Mixed Content: The page at 'https://www.sf-international.com/th/th/' was loaded over HTTPS, but requested an insecure element 'http://szcert.ebs.org.cn/Images/govIcon.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.sf-international.com/th/th/(Line 3792) Message: Mixed Content: The page at 'https://www.sf-international.com/th/th/' was loaded over HTTPS, but requested an insecure element 'http://webcert.cnmstl.net/images/cert/code/officialbrand_small_h_img.jpg?sn=c6cc6af3fac440c28901c15a104582fe&t=1476167429157'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://www.sf-international.com/th/th/(Line 3792) Message: Mixed Content: The page at 'https://www.sf-international.com/th/th/' was loaded over HTTPS, but requested an insecure element 'http://szcert.ebs.org.cn/Images/govIcon.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

sfimcdnupdate.sf-tech.com.cn
szcert.ebs.org.cn
webcert.cnmstl.net
www.sf-international.com
101.33.21.32
123.56.12.94
211.152.148.72
36.27.223.47
006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d
084d4baaf25e531fc8557d00019f984a937dfbba30afe8b7ff8fe6c418c26f0f
0ae65cfe3650ce6ea65dcfa47b2b95642485b2afe667e863ea4de832ea7196ad
0ccebd96ae2d393c6ebcf8baaf249076736e57742d0d272ad4b4c654afed1992
17f95b065648d48c21d4bdafe2f76d0832294a5ae21f39477f283b06a61e3276
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
246b5b36e0b8ecd53041f1129de0aea5c10065d5bbcf7d8427f468b555bf7065
291d8ceff871e6408034083c3dcee07c5fb153b8d19b5b9097f57f97ecb07457
34c3501386e849c21bfd981f8b7e0973090fe3341f364f2798b9560bd180b36c
3611a84781e70db572fa5f1562a314fb3d0dc5c5217ecb2008d32a8a9c69c488
3b10f832c4dc813c90a0ebd33aaf593a096fb9e0b30d023999dd684d489166cb
3e53f5da010112b52d915774bab7b44fc3bf77d1f3c64fd212d9de0c2998e366
4fdc23fac07329a5d13f0fc899170a61808e079ae7cf70571df54325cb61648a
510013be4182fc19e066418198d3a0239677fc09f997c85d33857e42a6e174e7
515a29a2fa44c94bada73335163d9a558d92eb99666d02c78334e2954efce976
60ffbdf73741c4f186b2d15707701d9809527288bc94bee8e34d5889c5139835
6879f6200421154baabd4682320d1a1ff600830520ff73697f61c1c8759a6a3f
75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf
817e3216e36e573289a222357a51165312d1ba5e7a5d0f98e63bb3821da849ce
860f26094b85dc2800a83664ba73fe32a286f2adc224ff9e88ada51b63f8f06b
9b45db7c406797d773c59e2e0df1bf0bff722643bad169839fb730cf131caa8f
a7a1e0f6508e3dcfa85855fb8787916259e1d3fbd60f95b59aa4282c132efb80
b0bd13cbc87a3ad2d40b398a0702350aa5d2937c38e58649db0dbb35fd2357df
e6fed7b32526f337c99fc7eb7e4674acfdcded92c6f80bb92ba33581036c0b97
ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4
f42368ca2b4c73e934f7d417ea218d3d816f3410ccce6f7487b48d71248ba999
fdf07543929392ef396c8bef289833271b85654992b8947282f60d0c33891df0

www.sf-international.com Open in urlscan Pro 211.152.148.72 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

2256 kBTransfer

7100 kBSize

0 Cookies

18 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

79 JavaScript Global Variables

0 Cookies

www.sf-international.com Open in urlscan Pro
211.152.148.72 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

2256 kB
Transfer

7100 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!