![](/screenshots/bc2b55fb-8f88-456a-9dfe-60da1efd9116.png)
www.sf-international.com
Open in
urlscan Pro
211.152.148.72
Malicious Activity!
Public Scan
Submission: On November 14 via api from US — Scanned from US
Summary
TLS certificate: Issued by DigiCert CN RSA CA G1 on September 29th 2022. Valid for: a year.
This is the only time www.sf-international.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: SF Express (Transportation)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
24 | 211.152.148.72 211.152.148.72 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
1 | 101.33.21.32 101.33.21.32 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
1 | 123.56.12.94 123.56.12.94 | 37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.) | |
1 | 36.27.223.47 36.27.223.47 | 136190 (CHINATELE...) (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA) | |
27 | 4 |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
www.sf-international.com |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
sfimcdnupdate.sf-tech.com.cn |
ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
webcert.cnmstl.net |
ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN)
szcert.ebs.org.cn |
Apex Domain Subdomains |
Transfer | |
---|---|---|
24 |
sf-international.com
www.sf-international.com — Cisco Umbrella Rank: 570267 |
2 MB |
1 |
ebs.org.cn
szcert.ebs.org.cn — Cisco Umbrella Rank: 269603 |
10 KB |
1 |
cnmstl.net
webcert.cnmstl.net — Cisco Umbrella Rank: 172301 |
3 KB |
1 |
sf-tech.com.cn
sfimcdnupdate.sf-tech.com.cn — Cisco Umbrella Rank: 369642 |
52 KB |
27 | 4 |
Domain | Requested by | |
---|---|---|
24 | www.sf-international.com |
www.sf-international.com
|
1 | szcert.ebs.org.cn |
www.sf-international.com
|
1 | webcert.cnmstl.net |
www.sf-international.com
|
1 | sfimcdnupdate.sf-tech.com.cn |
www.sf-international.com
|
27 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
iuop.sf.global |
www.sf-express.com |
weibo.com |
www.facebook.com |
instagram.com |
www.linkedin.com |
beian.miit.gov.cn |
webcert.cnmstl.net |
www.sznet110.gov.cn |
szcert.ebs.org.cn |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.sf-international.com DigiCert CN RSA CA G1 |
2022-09-29 - 2023-10-19 |
a year | crt.sh |
*.sf-tech.com.cn DigiCert CN RSA CA G1 |
2022-02-23 - 2023-02-23 |
a year | crt.sh |
webcert.cnmstl.net Secure Site Extended Validation CA G2 |
2022-10-27 - 2023-11-13 |
a year | crt.sh |
*.ebs.org.cn XinChaCha Trust SSL Organization Validated |
2022-08-01 - 2023-08-31 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.sf-international.com/th/th/
Frame ID: 6A4839222A136E7C9B783523104D6A98
Requests: 27 HTTP requests in this frame
Screenshot
![](/screenshots/bc2b55fb-8f88-456a-9dfe-60da1efd9116.png)
Page Title
SF InternationalDetected technologies
![](/vendor/wappa/icons/RequireJS.png)
Detected patterns
- require.*\.js
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
18 Outgoing links
These are links going to different origins than the main page.
Title: การขนส่ง
Search URL Search Domain Scan URL
Title: ติดต่อสอบถาม
Search URL Search Domain Scan URL
Title: เข้าสู่ระบบ
Search URL Search Domain Scan URL
Title: ลงทะเบียน
Search URL Search Domain Scan URL
Title: 顺丰速运 SF Express
Search URL Search Domain Scan URL
Title: EN
Search URL Search Domain Scan URL
Title: 中国香港/中国澳門 HongKong China /Macau China
Search URL Search Domain Scan URL
Title: 简
Search URL Search Domain Scan URL
Title: EN
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Company License: ICP-2020077802
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.sf-international.com/th/th/ |
115 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
www.sf-international.com/resource/styles/ |
700 KB 108 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.11.3.js
www.sf-international.com/resource/scripts/old/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
scp-jssdk-v1.8.js
sfimcdnupdate.sf-tech.com.cn/SCP/JSSDK/ |
183 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
intl_logo.png
www.sf-international.com/resource/images/index/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
homepage-website-banner-th.jpg
www.sf-international.com/.gallery/th/index/ |
289 KB 289 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
News-banner-web.jpg
www.sf-international.com/.gallery/th/news/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jwplayer.js
www.sf-international.com/resource/scripts/old/jwplayer-7.9.1/ |
235 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sfapp_international.png
www.sf-international.com/resource/images/index/ |
388 KB 202 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
officialbrand_small_h_img.jpg
webcert.cnmstl.net/images/cert/code/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security_site_1.png
www.sf-international.com/.gallery/other/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
security_site_2.png
www.sf-international.com/.gallery/other/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
govIcon.gif
szcert.ebs.org.cn/Images/ |
9 KB 10 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.js
www.sf-international.com/resource/scripts/vendor/ |
50 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
configs.js
www.sf-international.com/resource/scripts/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
require.js
www.sf-international.com/resource/scripts/vendor/ |
86 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
frame.js
www.sf-international.com/resource/scripts/ |
314 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
www.sf-international.com/resource/scripts/ |
4 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
header-phoneicon.png
www.sf-international.com/resource/images/index/ |
12 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
warning_prompt_icon1.png
www.sf-international.com/resource/images/index/ |
5 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pb-wrapper-line.png
www.sf-international.com/resource/images/index/ |
928 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smallBanner-icon.png
www.sf-international.com/resource/images/index/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
smallHeader-searchIcon.png
www.sf-international.com/resource/images/index/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
to-top-red.png
www.sf-international.com/resource/images/index/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
label-top-r-kr.png
www.sf-international.com/resource/images/index/ |
463 KB 133 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
th-sf.png
www.sf-international.com/resource/images/index/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i18n_universal.json
www.sf-international.com/resource/i18n/ |
66 KB 66 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: SF Express (Transportation)79 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _cmsConfig function| $ function| jQuery object| __core-js_shared__ object| core object| regeneratorRuntime function| JsBarcode function| SCPJSSDK string| filename string| href function| changeJwplayerRoute function| webpackJsonpjwplayer function| jwplayer object| _ejsLabel object| html5 object| Modernizr object| _webConfig function| requirejs function| require function| define function| _ object| Backbone function| Swiper object| jQuery19107519670600682302 function| Gather object| common object| otherDynamic object| gis object| login object| userCenter object| order object| waybill object| addressBook object| region object| accept object| invoiceVN object| cloudPrint object| complain object| onlineService object| QRMode object| QRErrorCorrectLevel object| QRMaskPattern object| QRUtil object| QRMath function| QR8bitByte function| QRCode function| QRPolynomial function| QRRSBlock function| QRBitBuffer function| loadModule object| TiffTag function| Tiff object| ParsleyConfig function| log object| SfGather object| urlConfigs object| layer object| _ibuCountry function| P function| html2canvas object| cookieType object| _hmt object| Const function| moment object| ParsleyUI object| ParsleyExtend function| psly function| Parsley object| ParsleyUtils object| ParsleyValidator object| sfgather object| sfAjax function| _l function| jumpOrder string| ORDER_SYMBOLS object| cache function| _p object| Helper object| JST0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
sfimcdnupdate.sf-tech.com.cn
szcert.ebs.org.cn
webcert.cnmstl.net
www.sf-international.com
101.33.21.32
123.56.12.94
211.152.148.72
36.27.223.47
006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d
084d4baaf25e531fc8557d00019f984a937dfbba30afe8b7ff8fe6c418c26f0f
0ae65cfe3650ce6ea65dcfa47b2b95642485b2afe667e863ea4de832ea7196ad
0ccebd96ae2d393c6ebcf8baaf249076736e57742d0d272ad4b4c654afed1992
17f95b065648d48c21d4bdafe2f76d0832294a5ae21f39477f283b06a61e3276
22098889a3d150df9706ff90386764f183274d40903f5eee2ec97fef24e2c5b4
246b5b36e0b8ecd53041f1129de0aea5c10065d5bbcf7d8427f468b555bf7065
291d8ceff871e6408034083c3dcee07c5fb153b8d19b5b9097f57f97ecb07457
34c3501386e849c21bfd981f8b7e0973090fe3341f364f2798b9560bd180b36c
3611a84781e70db572fa5f1562a314fb3d0dc5c5217ecb2008d32a8a9c69c488
3b10f832c4dc813c90a0ebd33aaf593a096fb9e0b30d023999dd684d489166cb
3e53f5da010112b52d915774bab7b44fc3bf77d1f3c64fd212d9de0c2998e366
4fdc23fac07329a5d13f0fc899170a61808e079ae7cf70571df54325cb61648a
510013be4182fc19e066418198d3a0239677fc09f997c85d33857e42a6e174e7
515a29a2fa44c94bada73335163d9a558d92eb99666d02c78334e2954efce976
60ffbdf73741c4f186b2d15707701d9809527288bc94bee8e34d5889c5139835
6879f6200421154baabd4682320d1a1ff600830520ff73697f61c1c8759a6a3f
75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf
817e3216e36e573289a222357a51165312d1ba5e7a5d0f98e63bb3821da849ce
860f26094b85dc2800a83664ba73fe32a286f2adc224ff9e88ada51b63f8f06b
9b45db7c406797d773c59e2e0df1bf0bff722643bad169839fb730cf131caa8f
a7a1e0f6508e3dcfa85855fb8787916259e1d3fbd60f95b59aa4282c132efb80
b0bd13cbc87a3ad2d40b398a0702350aa5d2937c38e58649db0dbb35fd2357df
e6fed7b32526f337c99fc7eb7e4674acfdcded92c6f80bb92ba33581036c0b97
ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4
f42368ca2b4c73e934f7d417ea218d3d816f3410ccce6f7487b48d71248ba999
fdf07543929392ef396c8bef289833271b85654992b8947282f60d0c33891df0