sfexpress.s-walet.pro Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://xn--genlink-wxa.com/HiC
Effective URL:
https://sfexpress.s-walet.pro/179243121?refer=3
Submission: On June 02 via manual (June 2nd 2024, 6:56:18 am UTC) from HK — Scanned from DE

Summary HTTP 27 Redirects Links 96 Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sfexpress.s-walet.pro.
TLS certificate: Issued by E1 on May 25th 2024. Valid for: 3 months.

This is the only time sfexpress.s-walet.pro was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SF Express (Transportation)

Domain & IP information

	IP Address	AS Autonomous System
1 1	213.238.191.23 213.238.191.23	210388 (HAYALHOST) (HAYALHOST)
17	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
1	58.250.0.54 58.250.0.54	17623 (CNCGROUP-...) (CNCGROUP-SZ China Unicom Shenzen network)
1	43.152.26.58 43.152.26.58	() ()
27	5

1 213.238.191.23 (Turkey) 1 redirects

ASN210388 (HAYALHOST, TR)
PTR: static.23.191.238.213.client.hayalhost.net

xn--genlink-wxa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

sfexpress.s-walet.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.196.193 (United States)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 58.250.0.54 (China)

ASN17623 (CNCGROUP-SZ China Unicom Shenzen network, CN)

szcert.ebs.org.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 43.152.26.58 (None, )

ASN- ()

htm.sf-express.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	s-walet.pro sfexpress.s-walet.pro	210 KB
1	sf-express.com htm.sf-express.com	2 KB
1	ebs.org.cn szcert.ebs.org.cn — Cisco Umbrella Rank: 355315	16 KB
1	imgur.com i.imgur.com — Cisco Umbrella Rank: 7840	85 KB
1	xn--genlink-wxa.com 1 redirects xn--genlink-wxa.com	360 B
0	s-wallet.ai Failed s-wallet.ai Failed
27	6

	Domain	Requested by
17	sfexpress.s-walet.pro	sfexpress.s-walet.pro
1	htm.sf-express.com
1	szcert.ebs.org.cn	sfexpress.s-walet.pro
1	i.imgur.com	sfexpress.s-walet.pro
1	xn--genlink-wxa.com	1 redirects
0	s-wallet.ai Failed	sfexpress.s-walet.pro
27	6

This site contains links to these domains. Also see Links.

Domain
htm.sf-express.com
baggageservice.sf-express.com
v.sf-express.com
www.sf-tech.com.cn
www.sf-airlines.com
intl.sf-express.com
www.sfbuy.com
www.sfgy.org
www.miitbeian.gov.cn
webcert.cnmstl.net
www.sznet110.gov.cn
szcert.ebs.org.cn

Subject Issuer	Validity	Valid
s-walet.pro E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-15` - `2025-02-14`	a year	crt.sh
*.ebs.org.cn Xcc Trust OV SSL CA	`2023-08-14` - `2024-08-13`	a year	crt.sh
*.sf-express.com DigiCert CN RSA CA G1	`2023-09-27` - `2024-10-27`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sfexpress.s-walet.pro/179243121?refer=3
Frame ID: 1BA410B98465D7BF2A5729A2BF08776A
Requests: 20 HTTP requests in this frame

Frame: https://sfexpress.s-walet.pro/supportChatFrame/179243121
Frame ID: CACE48C022B95C3517DC668C1543B4C8
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Track & Trace

Page URL History Show full URLs

https://xn--genlink-wxa.com/HiC HTTP 301
https://sfexpress.s-walet.pro/179243121?refer=3 Page URL

Page Statistics

27
Requests

74 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

312 kB
Transfer

1102 kB
Size

3
Cookies

96 Outgoing links

These are links going to different origins than the main page.

URL: https://htm.sf-express.com/hk/en/index.html

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/Standard_Express/
Title: SF Speedy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/SF_Drop_and_Pick/
Title: SF Drop & Pick

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/E-comm_Box/
Title: E-comm Box

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/SF_Locker_Mailing_Service/
Title: SF Locker Mailing Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/SF_Return/
Title: SF Return

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/Alcohol_Delivery/
Title: Alcohol Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/Economy_Express/
Title: Economy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Hong_Kong_Domestic/Heavy_Freight_FTL/
Title: FTL Direct Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/Standard_Express/
Title: SF Speedy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/Economy_Express/
Title: Economy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/SF-eship_C2C_Personal_Postal/
Title: SF-eship

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/Heavy_Freight_FTL/
Title: FTL Direct Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/Ground_Parcel_BBX_Model/
Title: Ground Parcel (BBX Model)

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Mainland_China/E-commerce_Standard_Express/
Title: E-commerce Standard Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/International/Standard_Express/
Title: Standard Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/International/SF_Economy_Express/
Title: SF Economy Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/International/SF_E-Parcel/
Title: SF E-Parcel

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/International/SF_E-Commerce_Express/
Title: SF E-Commerce Express

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Shipment_Protection_Plus_SPP/
Title: Shipment Protection Plus (SPP)

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Cash_on_Delivery_HK/
Title: Cash on Delivery (Hong Kong and Macau)

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Pickup_Authorization/
Title: Pickup Authorization

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Change_Payment_Mode/
Title: Change Payment Mode

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Address_Correction/
Title: Address Correction

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Return_Proof_of_Delivery/
Title: Return Proof of Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Special_Warehousing/
Title: Special Warehousing

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Hong_Kong_Import_and_Export_Declaration/
Title: Hong Kong Import and Export Declaration

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/SF_Packing_Materials/
Title: SF Packing Materials

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/SF_Cold_Chain_Insulated_Materials/
Title: SF Cold Chain Insulated Materials

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/SF_Retention_Service/
Title: SF Retention Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Value_added_Services/Secret_Key_Authentication_Service/
Title: Secret Key Authentication Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Surcharges/Resource_Allocation_Fee/
Title: Resource Allocation Fee

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Surcharges/Fuel_Surcharge/
Title: Fuel Surcharge

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Express_Services/Surcharges/Remote_Surcharge/
Title: Remote Surcharge

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Warehousing_and_Distribution_Services/Warehousing_and_Distribution_Services/Standard_Warehouse_Distribution_Center/
Title: Standard Warehouse Distribution Center

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Warehousing_and_Distribution_Services/Warehousing_and_Distribution_Services/Warehouse_Management/
Title: Warehouse Management

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Warehousing_and_Distribution_Services/Warehousing_and_Distribution_Services/Powerful_Distribution_Support/
Title: Distribution Support

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Cold_Chain_Services/Cold_Chain_Delivery_Services/Temperature_Controlled_Delivery/
Title: Temperature Controlled Delivery

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/Cold_Chain_Services/Cold_Chain_Delivery_Services/Temperature_Controlled_Delivery_Alcohol/
Title: Temperature Controlled Delivery (Alcohol)

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/download/Packaging-Guidelines-for-Cold-Chain-Shipments_EN.pdf
Title: Packaging Principles for Cold Chain Shipments

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/sf-buy/sf-buy/Mainland-HK/index.html
Title: Mainland China to Hong Kong China/Macau China

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/products_services/sf-buy/sf-buy/USA-HK/index.html
Title: USA to Hong Kong China/Macau China

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/order/Order_Now/
Title: Shipping

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/price/
Title: Rates & Transit Time

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/range/
Title: Service Coverage

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/store/
Title: Service Point

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/cooperative_consulting/index.html
Title: Cooperation Inquiry

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/intelligent_cabinet/marketing_services/
Title: About SF Locker

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/intelligent_cabinet/grid_sizes/
Title: Grid Sizes

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/intelligent_cabinet/user_guide/
Title: User Guide

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/airportdeliveryservice/airportcourierservice/
Title: Airport Courier Service

Search URL Search Domain Scan URL

URL: https://baggageservice.sf-express.com/aabaggage/en
Title: Airport Baggage Check-in and Delivery Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/premiumlogisticssolution/e-grow/
Title: One-stop e-Commerce Logistics Solution E-Grow

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/premiumlogisticssolution/gift-redemption/
Title: Gift Redemption Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/Exhibition_Logistics_Services/Exhibitor_Exclusive_Offer_for_Move_In_and_Out_and_Replenishment-/
Title: Exhibitor Exclusive Offer for Move In & Out and Replenishment

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/other_services/Exhibition_Logistics_Services/Exclusive_Delivery_Offers_for_Visitors/
Title: Exclusive Delivery Offers for Visitors

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/order/quick/#normalCargo
Title: Shipping

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/waybill/
Title: Track & Trace

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/accept/
Title: Pickup/Delivery Standards

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/more/exchange/
Title: Currency Exchange Rates

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/order/airport_express/
Title: Airport Express Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/clearance/clearance_pictureUpload/
Title: Customs Clearance Service

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/Customer_Zone/Scheme/
Title: Customer Area

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/more/packaging_principles/
Title: Packaging Principles

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/more/Types_of_Vulnerable_Fragile_Valuable_Item/
Title: Types of Vulnerable, Fragile and Valuable Item

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/more/CcrnSearch/
Title: Customs Cargo Reference Number

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/send_introduced/Weight-and-Size-Restrictions/
Title: Weight and Size Restrictions

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/formdownload/
Title: Useful Forms

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/S.F.Network/SF_business_station_address/
Title: SF Business Station Locations

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/S.F.Network/SF_store_address/
Title: SF Store Locations

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/S.F.Network/SF_service_partner_address/
Title: SF Service Partner Locations

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/S.F.Network/SF_Locker/
Title: SF Locker Locations

Search URL Search Domain Scan URL

URL: https://v.sf-express.com/web/portal/
Title: Business Clients

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/about_us/
Title: About Us

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/about_us/about_sf/company_introduction/
Title: About SF

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/news/
Title: Announcement

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/information/
Title: News Information

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/talent_recruitment/
Title: Careers

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/contact_us/
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/we/ow/#/hkmo/en/cooperative-consultation
Title: Cooperation Inquiry

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/promotions/
Title: Promotions and Events

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/order/quick/
Title: Shipping

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/dynamic_function/sf_care/
Title: Service & Support

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/opencms/system/modules/com.sf.portal/elements/hk/footerNavigation/footer_help_center.jsp

Search URL Search Domain Scan URL

URL: http://www.sf-tech.com.cn/
Title: SF TECH

Search URL Search Domain Scan URL

URL: http://www.sf-airlines.com/sfa/zh/index.html
Title: SF AIRLINES

Search URL Search Domain Scan URL

URL: http://intl.sf-express.com/
Title: SF INTERNATIONAL

Search URL Search Domain Scan URL

URL: http://www.sfbuy.com/index
Title: SFBuy

Search URL Search Domain Scan URL

URL: http://www.sfgy.org/
Title: SF Foundation

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/use_clause/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://htm.sf-express.com/hk/en/Privacy_Policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.miitbeian.gov.cn/
Title: 粤 ICP 备08034243号

Search URL Search Domain Scan URL

URL: http://webcert.cnmstl.net/cert/code?sn=c6cc6af3fac440c28901c15a104582fe

Search URL Search Domain Scan URL

URL: http://www.sznet110.gov.cn/webrecord/innernet/Welcome.jsp?bano=4403101900826

Search URL Search Domain Scan URL

URL: http://www.sznet110.gov.cn/index.jsp

Search URL Search Domain Scan URL

URL: https://szcert.ebs.org.cn/B943BEFD-EF5E-4747-AD73-B875A1FC5CC7

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://xn--genlink-wxa.com/HiC HTTP 301
https://sfexpress.s-walet.pro/179243121?refer=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://sfexpress.s-walet.pro/assets/images/index/header-phoneicon.png HTTP 302
https://s-wallet.ai/

Request Chain 15

https://sfexpress.s-walet.pro/assets/images/index/order-button-background.png HTTP 302
https://s-wallet.ai/

Request Chain 16

https://sfexpress.s-walet.pro/assets/images/index/order-button-arrow.png HTTP 302
https://s-wallet.ai/

Request Chain 17

https://sfexpress.s-walet.pro/assets/images/index/whatsapp-gray.png HTTP 302
https://s-wallet.ai/

Request Chain 18

https://sfexpress.s-walet.pro/assets/images/index/label-top-r-btn.png HTTP 302
https://s-wallet.ai/

Request Chain 20

https://sfexpress.s-walet.pro/assets/fonts/sf-express-icon.woff?hash=1478076975980 HTTP 302
https://s-wallet.ai/

Request Chain 22

https://sfexpress.s-walet.pro/assets/fonts/sf-express-icon.ttf?hash=1478076975980 HTTP 302
https://s-wallet.ai/

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request 179243121 Show response
sfexpress.s-walet.pro/
Redirect Chain

https://xn--genlink-wxa.com/HiC
https://sfexpress.s-walet.pro/179243121?refer=3

66 KB
9 KB

237ms
207ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: bdddc3f5d8ed302fc009b1f244cf1d1131043dcc75a947b54b7a51281e9ca5c1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88d58ad62fab71b3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 02 Jun 2024 06:56:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XmDFXIikgISHXWpUWWdEqtzQTy%2FZO4uwvRjI35Vb6AzoQAby3iRyPkr9hNCtpqBO%2FPF%2Bb4IDu3AyPoG7p8ofE%2BX08QXCxuCXSy9vi8fCDhpjgHpBQ%2B10HKovHz086CSrg4lX%2Bs5CvYW3z%2FmUYkuPzFyvniY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 02 Jun 2024 06:56:13 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://sfexpress.s-walet.pro/179243121?refer=3
pragma: no-cache
server: nginx
x-cache-status: MISS
x-powered-by: PHP/7.4.33 PleskLin

GET
H3 200 main.css
sfexpress.s-walet.pro/assets/sfexpress/ 735 KB
111 KB 60ms
59ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/assets/sfexpress/main.css
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0065f72f9d0f2421a4c54c9f411e645c2fb8e6d66d279df5d4c72975a2bf24be

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/179243121?refer=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Feb 2024 10:03:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"b7cd6-18dc0d1e4ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gGTo5REsGnaYw87nwOqww3oS5Fk8N1FYSgiEE1550eg9N%2FVR5kpIUlsFrBnVQNbtgfUf0urAmUwLWYSz8Mq6%2BD9TAE8q2zQBb4qzKiqHQdhtadioHtMU6Wi3Nuuvpb3aULCybOWFkLOJwEYEUc5U0rL8As%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88d58ad7892771b3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 support_parent.css
sfexpress.s-walet.pro/css/ 4 KB
1 KB 41ms
40ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/css/support_parent.css
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0d9e97528d972063f9f9a22accaf21284ea8216008bddea7ab16428e098d47b2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/179243121?refer=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 04 Mar 2024 00:56:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"104f-18e06f620a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RgHRxPWRalbfZwRGCIwtNk3KhP3iBXh7tXuDyvlAII%2FWiqK7xRU84GIELi5Y%2Bs%2BRSd9XCuSqAZrFpSkBljZcRtfmwxwTY%2FHfZ5F%2BXk7XLSKg%2FbjuBF%2FI6KpBCaUtkUUIlaq7O5SCg%2Fe5Np2g4nTIczlZvqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88d58ad7892971b3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logotc.png
sfexpress.s-walet.pro/assets/sfexpress/ 4 KB
5 KB 43ms
42ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfexpress.s-walet.pro/assets/sfexpress/logotc.png
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 246fac7dcc264259f436808fc3321842a95c91b3f32ed7a5882f9a817b82858a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/179243121?refer=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Feb 2024 10:03:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"11a0-18dc0d1e722"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MxFA9glxKdaVfwDz2bJZM3y5%2F6hOMVk%2BTXR76IFWYoqc25FFi%2BZ3NNy8J6Tgoq%2BdfWgNhScLozGYea5ruse3TMrnoaEx2qGZ4HNgayxuxD0D%2Bu0JC8ovcne4JQP0lwMxIRjK%2Ba8Z9YSBU1WusW%2BPoE3ssok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88d58ad7892b71b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 4512

GET
H3 200 179243121 Show response
sfexpress.s-walet.pro/supportChatFrame/ Frame CACE 23 KB
7 KB 65ms
64ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/supportChatFrame/179243121
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: de9120a1c026b6af5948fa461ec3fe82ce238670bd9cbaecfd65fc4326b4151d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://sfexpress.s-walet.pro/179243121?refer=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88d58ad7a95871b3-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 02 Jun 2024 06:56:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cH7XNYgUCThB84M0etldjLe9MtB6ZkOa0QukLtwvtBwvSj8KhVuQq4w9VfKhFmDrLqosEgzj6ZqogBhiqHvgh2p6woI7Vk%2FSStTmi4A447I7gB5NNvt31vY5qTm7%2FfCORg4wQWFvZDxa9hrzou%2Fk2bFWryo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express

GET
H2 200 gASXxES.jpeg
i.imgur.com/ 84 KB
85 KB 176ms
153ms Image
image/jpeg 199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/gASXxES.jpeg

Requested by

Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

3c0d4d9254e4d025fc4ad2838fff6cd896b5c93a1a601c46afa097e1821d779d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 0
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, MISS, MISS
content-length: 86196
x-served-by: cache-iad-kcgs7200111-IAD, cache-fra-eddf8230062-FRA
last-modified: Sun, 02 Jun 2024 06:45:18 GMT
server: cat factory 1.0
x-timer: S1717311374.046240,VS0,VE147
etag: "45a9e6a321278bdaf2c3c6e21822a157"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: uOTMQCjTk_-s9kbUdanz4PInLNsXgG6uTK_AFqq9fja675L2Yb9ifQ==
x-cache-hits: 0, 0

GET
H3 200 order-button-icon.gif
sfexpress.s-walet.pro/assets/sfexpress/ 895 B
1 KB 60ms
58ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfexpress.s-walet.pro/assets/sfexpress/order-button-icon.gif
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 73d4e2bc1d520806978d442cc192c7856b88449cd109d1a6551a18879bb81e19

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/179243121?refer=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Feb 2024 10:03:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"37f-18dc0d1e829"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5a7Jt7aSosWnJpO2SevHGArIH3GgfKQm0gCFcLdzlJbWX6JGwFWT8GUrrlPliqT68fX6UvHC8k5tNtexiNaQaryppI30KCiYvVCFn4lZbdyT60651%2FK%2B4Up9suvz1IJ%2BEblEgZDEbls96CXbk3a0Q5mwuFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88d58ad7a95571b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 895

GET
H3 200 hk_suyuntong.jpg
sfexpress.s-walet.pro/assets/sfexpress/ 38 KB
39 KB 62ms
61ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfexpress.s-walet.pro/assets/sfexpress/hk_suyuntong.jpg
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: be0f09e385ed5b8745751b3fefe56db002a55118ab5fd80111c89255aa485f5d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/179243121?refer=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Feb 2024 10:03:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"981b-18dc0d1e8b5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tl0b3l1ptqtZOkA%2F%2Bgy2PfjtU%2BoFxAhcuHM8eNejXMC1YJ1pFSEHpdoaCCt29%2BdmMQLmF5biXAZvW59QEWt%2BhDxihQY3DsRbmfjQKKM%2BcA2AlTsqxUb8MlEi4egUYos2D5Ffw1T91nF8T0jIM%2BheZ9xFDoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88d58ad7a95671b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 38939

GET
H3 200 officialbrand_small_h_img.jpg
sfexpress.s-walet.pro/assets/sfexpress/ 3 KB
3 KB 66ms
65ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfexpress.s-walet.pro/assets/sfexpress/officialbrand_small_h_img.jpg
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/179243121?refer=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Feb 2024 10:03:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"a3c-18dc0d1eb14"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ki%2B1SoWA4DqKUsb0HqwW0BofVXuYfSgYgV36nhP9KLI5aAw6iUFJG2YSWQokm89ujx1eoHWMYy9Ld6PzKEVFiD%2BgFRUnxpWW84luqLrxjZ%2FZIHu1mLc6lmoy%2F3p9Y6QPBwgVnseOjH26oVMNfHPASBz5yU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88d58ad7a95971b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2620

GET
H3 200 security_site_1.png
sfexpress.s-walet.pro/assets/sfexpress/ 3 KB
4 KB 67ms
66ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfexpress.s-walet.pro/assets/sfexpress/security_site_1.png
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/179243121?refer=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
cf-cache-status: MISS
last-modified: Mon, 19 Feb 2024 10:03:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"cc6-18dc0d1eba0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O%2FP3y%2Bv2bera6E3j3qZ93pMeTHfQQkztQ8vcXVQxCGkzGU5AiBRnMT7XPoF9ni%2Fa41ChTclIUvYY0L1gW32jTw5s55QmyceDkNgnOBWxx2AjIicYh8R2pNA6vAHJqJ84XfMMpGvwpAE6rtg2MN1MDDKt5Ok%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88d58ad7a95a71b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3270

GET
H3 200 security_site_2.png
sfexpress.s-walet.pro/assets/sfexpress/ 3 KB
3 KB 68ms
67ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfexpress.s-walet.pro/assets/sfexpress/security_site_2.png
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/179243121?refer=3
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 19 Feb 2024 10:03:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"a93-18dc0d1ec29"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwUO3pA0oA6iseHGX0seDj8tS08mYqRk1YtNpMXqYRsEhAl1AvhjI4Sfix%2Fm%2FxZ6%2BTSH7MqCGoPPPLDdFN6NGPf%2F0CC3jDE%2BBThfbau%2BtDSHGJS3dWUgxAyvGDASO8M3K4GIdc3O8lwgjDzWDnzHHRJJm3s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 88d58ad7a95c71b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2707

GET
H/1.1 200
OK govIcon.gif
szcert.ebs.org.cn/Images/ 15 KB
16 KB 3652ms
2262ms Image
image/gif 58.250.0.54
CNCGROUP-SZ China...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://szcert.ebs.org.cn/Images/govIcon.gif
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/179243121?refer=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 58.250.0.54 , China, ASN17623 (CNCGROUP-SZ China Unicom Shenzen network, CN),
Reverse DNS
Software: /
Resource Hash: 74f553ec7aa4457024310378fd3eac8573d86f767579ad371bbf64d32ed96df8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 02 Jun 2024 06:56:16 GMT
Last-Modified: Fri, 01 Mar 2024 07:13:31 GMT
ETag: "805f16f7a76bda1:0"
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: content-type,api_key,Authorization
Content-Length: 15504

GET
H3 200 support_chat.css
sfexpress.s-walet.pro/css/ Frame CACE 101 KB
17 KB 69ms
68ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/css/support_chat.css
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/supportChatFrame/179243121
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d40c636c6f5df8e97ce5d56c336a9c1379bfa2b963053386d670b6865be2913f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/supportChatFrame/179243121
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 26 Jul 2021 10:21:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"195ce-17ae2556772"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8kz26o5ZWzJuHRGjIFd3fy8xNUrPCIzAKt%2FEkzt1L1A6CU0mM5okefca4XDR4xx7MFWT6FTIcwGzqdtXdvMXqw2UxVJu3RDf6NCHWlSs%2F6ceqvRrVSBoZ%2F89ODUOzsGv%2FeBXdNIeDovRA5JTtDTetZiw620%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88d58ad829fb71b3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 axios.min.js Show response
sfexpress.s-walet.pro/js/ Frame CACE 14 KB
5 KB 42ms
41ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/js/axios.min.js
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/supportChatFrame/179243121
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: ea52c2604519304144d7267cf90f912ee6b092b2c5505576948568fe653dcac0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/supportChatFrame/179243121
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 26 Jul 2021 10:21:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"3815-17ae255677d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0H4V7QhopiAWfcQAKmHcqQhBhQM44HOmOfblj96Jlo3zHfAwZunAzYf15Y%2FZuNwG2odtE6ZxpTddW3ZwTa%2BndJDlPsliEbobh9xZT6bX5kl223BjZ5VPUlygbjlGOj6M1YJR6N9Vcj1YvIYiKaAQNZrZkvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88d58ad829fe71b3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 support.js Show response
sfexpress.s-walet.pro/js/ Frame CACE 5 KB
2 KB 48ms
47ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/js/support.js
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/supportChatFrame/179243121
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2ca32d461e4105aa8337ce1559b9f399527acb7be62124bae03a0106dc2d9a4b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/supportChatFrame/179243121
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 13 Mar 2024 02:25:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"12d5-18e35a096e2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxMEBrUQ4idWRgpUKz8hg%2BvX%2BYQZXBxY4lgv5FJE%2FjG4RA4J%2FHyGDBmqKr%2BJ0S18ycrPktUwsvMPyBKIZatKUi85LgIKR0DBOIIW2tQsOxGYwfpkVrkarz%2F9H6qpsFk9e17UnbzFGl3GMazMTvMAu7K%2F7P0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 88d58ad88a4d71b3-FRA
alt-svc: h3=":443"; ma=86400

GET

/
s-wallet.ai/
Redirect Chain

https://sfexpress.s-walet.pro/assets/images/index/header-phoneicon.png
https://s-wallet.ai/

0
0

GET

/
s-wallet.ai/
Redirect Chain

https://sfexpress.s-walet.pro/assets/images/index/order-button-background.png
https://s-wallet.ai/

0
0

GET

/
s-wallet.ai/
Redirect Chain

https://sfexpress.s-walet.pro/assets/images/index/order-button-arrow.png
https://s-wallet.ai/

0
0

GET

/
s-wallet.ai/
Redirect Chain

https://sfexpress.s-walet.pro/assets/images/index/whatsapp-gray.png
https://s-wallet.ai/

0
0

GET

/
s-wallet.ai/
Redirect Chain

https://sfexpress.s-walet.pro/assets/images/index/label-top-r-btn.png
https://s-wallet.ai/

0
0

GET
H3 200 supportIcon.svg
sfexpress.s-walet.pro/img/ 1 KB
1 KB 41ms
41ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sfexpress.s-walet.pro/img/supportIcon.svg
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/css/support_parent.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/css/support_parent.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 26 Jul 2021 10:21:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"4d3-17ae255677b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oP6gZmC%2Bb74Tod0rDuQp314A3pnOx5oxCr6nThArH6yhodB0RSEQh9GVR%2B5qtxjhGHdlrZIUKzhTymz9UjsrdEqBwovPNjxuvnHlukfT5e8d4EM8nqsBctH5F3OygWWKTZMOQUn8KnRFyrgBV9sV9OSzu8I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 88d58ad86a2d71b3-FRA
alt-svc: h3=":443"; ma=86400

GET

/
s-wallet.ai/
Redirect Chain

https://sfexpress.s-walet.pro/assets/fonts/sf-express-icon.woff?hash=1478076975980
https://s-wallet.ai/

0
0

POST
H3 200 getMessages Show response
sfexpress.s-walet.pro/api/support/ Frame CACE 15 B
493 B 36ms
36ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/api/support/getMessages
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://sfexpress.s-walet.pro/supportChatFrame/179243121
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:14 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=drTBjl%2FKJer7m%2BvXM5BM1UIL4AIn%2BEZr0CTn2p7o3%2FW6OOPrmibmXKUsrpvCIPEjMgMrl4HE6tyxdMzY6V5QgfUevGzQQUJysXs76Y1qxwYxQw%2FrNcNkhyd%2FikMJpOzZ%2BuQAAacuVOANdWQO6YdosDsQ0NM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 88d58ad8da9471b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15

GET

/
s-wallet.ai/
Redirect Chain

https://sfexpress.s-walet.pro/assets/fonts/sf-express-icon.ttf?hash=1478076975980
https://s-wallet.ai/

0
0

POST
H3 200 getMessages Show response
sfexpress.s-walet.pro/api/support/ Frame CACE 15 B
487 B 35ms
35ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/api/support/getMessages
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://sfexpress.s-walet.pro/supportChatFrame/179243121
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5EAE8qY%2BvkfOciq0JTbeB1BOWzK75WoctuyZzY1ob%2BO0avoC8lT5XxEuEKE4LO1w9DMdUl6h%2BLtGZ96pWmalkUlzcj0KGf5J9ZZF9Lv2srtoEY4mloYAoDXGjOCWiSDlze4O2YrQLql4iER9yDT3VZkUOW4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 88d58ae27c0171b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15

POST
H3 200 getMessages Show response
sfexpress.s-walet.pro/api/support/ Frame CACE 15 B
495 B 34ms
33ms XHR
application/json 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sfexpress.s-walet.pro/api/support/getMessages
Requested by: Host: sfexpress.s-walet.pro
URL: https://sfexpress.s-walet.pro/js/axios.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://sfexpress.s-walet.pro/supportChatFrame/179243121
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 02 Jun 2024 06:56:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"f-FAzzTdccAfl0E2Lu/wbvI/6Anvk"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F3aC1yEHx9f3mbi%2BHvNcpjzwWPqXfDB8Y%2FJC6JnIsLgZ1tREYSrLP%2BJhKqzc97VqQChDJlo0Z8fjY6Z0pB%2FVG0HwgYn0uAGWhWSsZa1bJ%2Ff9fgky%2BV%2FjdQohj%2Fjfvl3d0JVZAgRKvIV4ggB9b0tAb9wVGFw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
cf-ray: 88d58aec1e6171b3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15

GET
H2 200 favicon.ico
htm.sf-express.com/.gallery/ 1 KB
2 KB 845ms
17ms Other
image/x-icon 43.152.26.58

General

Check archive.org

Show headers Download Go to

Full URL: https://htm.sf-express.com/.gallery/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.58 -, , ASN (),
Reverse DNS
Software: openresty /
Resource Hash: 51227899986140fb72aed65d35e19bd3a8c8db4f8c3afa07f29451360e723e6c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://sfexpress.s-walet.pro/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 30 May 2024 04:58:27 GMT
x-cache-lookup: Cache Hit
last-modified: Thu, 30 May 2024 04:14:02 GMT
server: openresty
etag: "6657fd0a-549"
vary: Accept-Encoding, User-Agent, Accept-Encoding, User-Agent
content-type: image/x-icon
x-nws-log-uuid: 876132520799883581
accept-ranges: bytes
content-length: 1353

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Domain: s-wallet.ai
URL: https://s-wallet.ai/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SF Express (Transportation)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
xn--genlink-wxa.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: v7c0vjtus6lvvvdt6028jvb132
xn--genlink-wxa.com/	1970-01-20 21:01:52	Name: short_1668 Value: 1
sfexpress.s-walet.pro/	1969-12-31 23:59:59	Name: connect.sid Value: s%3ArkRLsc_Ia9F7JqgcoVmIvTKse-1vhz4M.E82xtPUDaCcZtd%2FAOoe%2BCTE5oqBAaUVFMEx3jTAMjJI

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://sfexpress.s-walet.pro/179243121?refer=3 Message: Mixed Content: The page at 'https://sfexpress.s-walet.pro/179243121?refer=3' was loaded over HTTPS, but requested an insecure element 'http://szcert.ebs.org.cn/Images/govIcon.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	error	URL: https://sfexpress.s-walet.pro/179243121?refer=3 Message: Access to font at 'https://s-wallet.ai/' (redirected from 'https://sfexpress.s-walet.pro/assets/fonts/sf-express-icon.woff?hash=1478076975980') from origin 'https://sfexpress.s-walet.pro' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://s-wallet.ai/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://sfexpress.s-walet.pro/179243121?refer=3 Message: Access to font at 'https://s-wallet.ai/' (redirected from 'https://sfexpress.s-walet.pro/assets/fonts/sf-express-icon.ttf?hash=1478076975980') from origin 'https://sfexpress.s-walet.pro' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://s-wallet.ai/ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

htm.sf-express.com
i.imgur.com
s-wallet.ai
sfexpress.s-walet.pro
szcert.ebs.org.cn
xn--genlink-wxa.com
s-wallet.ai
199.232.196.193
213.238.191.23
2a06:98c1:3120::3
43.152.26.58
58.250.0.54
0065f72f9d0f2421a4c54c9f411e645c2fb8e6d66d279df5d4c72975a2bf24be
006ac205426fd7b3e79f3d6d414889d52f87daa2731a8264469984850714c18d
0d9e97528d972063f9f9a22accaf21284ea8216008bddea7ab16428e098d47b2
246fac7dcc264259f436808fc3321842a95c91b3f32ed7a5882f9a817b82858a
2ca32d461e4105aa8337ce1559b9f399527acb7be62124bae03a0106dc2d9a4b
3c0d4d9254e4d025fc4ad2838fff6cd896b5c93a1a601c46afa097e1821d779d
51227899986140fb72aed65d35e19bd3a8c8db4f8c3afa07f29451360e723e6c
5e4ce7b36ba37b78a5d5f9fd08e6b7b54ba6879d651aa46ec9e1d6fa24ebe30a
73d4e2bc1d520806978d442cc192c7856b88449cd109d1a6551a18879bb81e19
74f553ec7aa4457024310378fd3eac8573d86f767579ad371bbf64d32ed96df8
75fab0d1416ba599a70fae571a4dd33f2f81b99fc84269c99b8710049ffe6caf
bdddc3f5d8ed302fc009b1f244cf1d1131043dcc75a947b54b7a51281e9ca5c1
be0f09e385ed5b8745751b3fefe56db002a55118ab5fd80111c89255aa485f5d
d35e73edc030e667b728e2e626c782ec2b4d3b0a3044730c02b9a25dbf46be59
d40c636c6f5df8e97ce5d56c336a9c1379bfa2b963053386d670b6865be2913f
de9120a1c026b6af5948fa461ec3fe82ce238670bd9cbaecfd65fc4326b4151d
ea52c2604519304144d7267cf90f912ee6b092b2c5505576948568fe653dcac0
ec3c1154d95327d79118d2ea0320ead3e3ab4e29431c21c34012a1f896c36dc4

sfexpress.s-walet.pro Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

27 Requests

74 %HTTPS

20 %IPv6

6 Domains

6 Subdomains

5 IPs

3 Countries

312 kBTransfer

1102 kBSize

3 Cookies

96 Outgoing links

Page URL History

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

3 Cookies

5 Console Messages

Indicators

sfexpress.s-walet.pro Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

74 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

5
IPs

3
Countries

312 kB
Transfer

1102 kB
Size

3
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!